Eku28

Bonsoir nardino, J'ai terminé la désinstallation sans problème et redémarrer sans problème aussi. Je mets en "Résolu" et encore merci de ton aide et de ta patience.... @+

Bonsoir, Ok, dernière question : Pour désinstaller proprement tous les outils de test, je passe par "Ajout /suppression de programmes" ou j'utilise "Revo Uninstaller" ? Après, je passe en résolu. Merci de ta réponse et de ton aide pour ce sujet.

Bonsoir nardino, Désolé pour ce long délai à répondre. J'ai effectué les manips demandées, désinstallation d'Avast et installation d'Antivir. Après plusieurs démarrages de test, cela fonctionne. Des investigations complémentaires ou on en reste là ? Merci de ta réponse.

Bonsoir nardino, Je complète le point précédent en plus détaillé, ce qui risqued'être un peu long mais à mon avis nécessaire : 1/ Premier diagnostic avec " ZHPDiag " 2/ A l'issue de ce diagnostic, un premier traitement avec"AdwCleaner " qui a supprimé quelques fichiers/dossiers et pas mal de clé du registre. 3/ Un scan avec MBAM qui ne détecte pas de nuisible. Al'issue des points 2&3, tentative de redémarrage en mode normal= impossible de quitter en normal. Démarrageen " mode sans échec avec prise en charge réseau " 4/ Scan avec " Combofix " = impossible 5/ Scan en " LiveCD " avec " DrWeb ".Résultats : Infected 2/0 Deleted 1 Moved 2 et tous les autres indicateurs à 0. Ace stade, pas de changement sur le comportement de la machine. 6/ Analyse avec " tdsskiller " = Impossible. Ace stade, je constate par hasard qu' Avast a une incidence néfastesur le démarrage. 7/ Tentative d' analyse " Combofix " &" tdsskiller " en mode sans échec "avec " Avast " désactivé. Résultats : " tdsskiller " = un objet détecté et mis en " Skipped by user ". " Combofix " = je suis incapable d'analyser le rapport. Ace stade, la machine se comporte toujours pareille si je démarreavec " Avast " actif. Je désactive " Avast "avant de quitter et ça démarre impeccable ?... Je réactive" Avast " à ce moment et tout fonctionne durantla session. Il faut juste penser à désactiver " Avast "avant de quitter. C' est pas top comme fonctionnement. Voilà,je pense n’ avoir rien oublié. Mesquestions : A /La machine est-elle infectée ? B/ Si oui, qu' est ce que je fais ? Indique moi la marche àsuivre. C/ Si non, indique moi comment désinstaller proprement les outils detest. D/ Avast a-t-il réellement une incidence sur ce qui m' arrive ou bienest ce un " bug " du système ? Je précise que je ne suis pas "marié" avec Avast donc un changement est toujours possible. Mercide l’intérêt porté à ce sujet.

Bonjour, Après toutes ces manips, j' en suis au même point. Lors des différentes manips effectuées, je me suis rendu compte par hasard que avast avait un effet sur le problème que l'on traite. Quand avast est actif, je relance plusieurs fois la machine avant d'avoir des fonctionnalités correctes, cela peut aller jusqu'à dix fois sans résultat. Lorsque je désactive Avast, le démarrage se fait très bien sans problème et ce à chaque démarrage. Après démarrage, je réactive avast et ça marche. Avast serait le "Troll" ou bien un virus ou autre qui l’empêcherait de fonctionner ? Merci.

Bonsoir, Désolé pour la réponse tardive. Voici les deux rapports : - Combofix : Combo - TDSSKiller : TDSS Ces deux manips sont faites en mode sans échec normal sur la session admin avec avast et zonealarm désactivé sinon ça ne fonctionne pas même en mode sans échec ? Merci

Bonsoir, Je me rend compte que ce matin, j'ai lancé "TDSSKiller" sur une session utilisateur. J'ai donc relancé ce soir le scan sur la session admin. Je dis bien admin et pas "super admin" Après le reboot, il m'a redemandé d'exécuter "TDSSKiller" il a tourné durant plus de deux heures sans que rien ne se passe. J'avais uniquement un écran d'invite de commande avec un tiret blanc. J'ai arrêté et depuis impossible de démarrer. Comme au début, tout se charge et dès que je lance une application = bloqué. Est ce normal aussi long pour exécuter "TDSSKiller" ou bien cette machine est vraiment maudite ? Je n'ai peut-être pas été assez patient ? Je viens enfin de pouvoir récupérer le dernier rapport effectué en mode admin. Nouveauté : il ne reconnais mes clés USB ? C'est bizarre quand même, aucune des tentatives effectuées ne peut aller jusqu'au bout. Modif après reflexions. Je viens d'essayer de démarrer en ayant désactiver Avast. Après trois essais de démarrage, ça fonctionne à chaque fois. Les boutons "Arrêter"; "redémarrer" ont retrouvé leurs jeunesses... Cela démarre plein pot, les applis se lancent !..... Et si c'était tout simplement Avast qui ferait tout ce "merdier" ? Merci de ta patience avec ce satané PC. 17:39:14.0437 4244 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 17:39:14.0968 4244 ============================================================ 17:39:14.0968 4244 Current date / time: 2012/11/05 17:39:14.0968 17:39:14.0968 4244 SystemInfo: 17:39:14.0968 4244 17:39:14.0968 4244 OS Version: 5.1.2600 ServicePack: 3.0 17:39:14.0968 4244 Product type: Workstation 17:39:14.0968 4244 ComputerName: MAISON-8F808655 17:39:14.0968 4244 UserName: Taranis 17:39:14.0968 4244 Windows directory: C:\WINDOWS 17:39:14.0968 4244 System windows directory: C:\WINDOWS 17:39:14.0968 4244 Processor architecture: Intel x86 17:39:14.0968 4244 Number of processors: 2 17:39:14.0968 4244 Page size: 0x1000 17:39:14.0968 4244 Boot type: Normal boot 17:39:14.0968 4244 ============================================================ 17:39:15.0859 4244 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 17:39:15.0875 4244 ============================================================ 17:39:15.0875 4244 \Device\Harddisk0\DR0: 17:39:15.0875 4244 MBR partitions: 17:39:15.0875 4244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC7FF53F 17:39:15.0875 4244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC7FF5BD, BlocksNum 0x18FFEABD 17:39:15.0890 4244 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x257FE0B9, BlocksNum 0xC7FF53F 17:39:15.0906 4244 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x31FFD637, BlocksNum 0x8383749 17:39:15.0906 4244 ============================================================ 17:39:15.0921 4244 C: <-> \Device\Harddisk0\DR0\Partition1 17:39:15.0953 4244 D: <-> \Device\Harddisk0\DR0\Partition2 17:39:16.0000 4244 E: <-> \Device\Harddisk0\DR0\Partition3 17:39:16.0015 4244 F: <-> \Device\Harddisk0\DR0\Partition4 17:39:16.0015 4244 ============================================================ 17:39:16.0015 4244 Initialize success 17:39:16.0015 4244 ============================================================ 17:39:22.0906 4804 Deinitialize success

Bonjour, Problème au lancement de "TDSSKiller". Au lancement, un premier message d'erreur : "Can't load driver". A l'action "Reboot now" second message "Can't install extended monitoring driver". Je fais Ok et pas de redémarrage, je reviens sur le tableau "Setting". A ce stade, je continue de lancer ? Je suppose que si je lance sans avoir rebooter, TDSSKiller ne pourra pas faire de comparaisons avant/après. J'attends tes instructions. Merci de ton aide.

Bonjour, Le résultat du scan : Scanned 660902 / 571885 Infected 2 / 0 Deleted 1 Moved 2 Pour tous les autres indicateurs, ils sont à 0 / 0 ou 0. Pour la suite : Le comportement du PC n' a pas changé. En mode sans échec comme en normal. Par curiosité, j'ai relancé "Combofix", il bloque au même endroit.

Bonjour, Merci pour la réponse. Pour l'instant, le scan est en cours depuis environ 2h20. Je te tiens au courant dés que j'ai la main sur le système. @ plus

Bonjour, J'ai lancé un scan avec "Dr.Web". Cela tourne... Est il nécessaire de faire une autre analyse avec "Antivir" ? Juste une question avec "Dr.Web", j'obtiens comment le résultat du scan ? fichier ?

Bonjour, Je n'ai pas pu installer "ComboFix" même en mode sans échec avec connexion réseau. Je suis passer par l'installation via clé usb toujours en mode sans échec. L’installation est bloquée depuis 15 minutes à 50% de progression sur "Destination : C:\32788R22FWJFW" Normal ?

Bonjour, Quitter le mode sans échec normalement n'est possible que en mode sauvage (avec le bouton On/Off). Redémarrage en mode normal non concluant. Le fond d'écran s'affiche uniquement. Pas de menu démarrer ni de barre de tache. Arrêt en mode sauvage. Démarrage semble "normal" mais pas possible de lancer une application.

Bonjour, Désolé pour le retard à répondre, Petit problème après le scan de "AdwCleaner". Le PC redémarre mais "figé de chez figé" et impossible évidemment de lancer MBAM. Après plusieurs tentatives, j'ai tenté un "mode sans échec avec connexion réseau" qui a fonctionné et j'ai pu récupérer les deux fichiers "Adw" et "MBAM" via clé usb. Lien Adw Lien MBAM Je reste en mode sans échec ou je quitte ? Merci de ta réponse.

Bonjour nardino, Merci de t' occuper de mon cas. Voici le rapport "ZHPDiag" Lien vers Cjoint

Bonjour à tous, Je viens chercher de l'aide vers vous car je ne sais pas encore si mon problème est d'ordre système ou mécanique. Je procède donc par élimination et je commence par le système, suis je infecté ou pas ? Voici donc l'exposé du problème et un bref historique de ce que j'ai constaté si ça peut aider. Depuis une semaine environ, le PC se fige au démarrage de façon aléatoire. Les raccourcis s'installent « normalement » dans la barre des tâches ainsi que dans le « systray » ce qui semble indiquer un démarrage correct mais quand je veux en lancer une, rien ne se passe. Le curseur de pointage tourne comme un fou et rien ne démarre. Les applications ne se lancent plus comme si le chemin n'était pas ou plus reconnu. Plus d'accès au gestionnaire de tâches (Ctrl+Alt+Sup ne fonctionneplus). Les boutons « Arrêter l'ordi » et « redémarrer »sont inactifs. Quand le PC démarre « normalement », tout se passe bien. Historique de ce qui a été fait avant et après le constat de cette anomalie. Avant Les mises à jour suivantes ont été faites : -Win XP en automatique. -Java de 6 vers 7. -Avast free, programme 7.0.1473 vers 7.0.1474 -Spybot. -Nokia suite Après Refait les raccourcis de la barre de taches, pas de changement. Lancer les applications à partir de leurs « exe », sans succès. Du coup, j'ai lancé une restauration système à une date ultérieure aux MàJ. Ce qui a eu pour effet de désinstaller les MàJ de Avast et Java. Pour les autres, Win XP et Spybot, je ne sais pas. Nokia suite, pas désinstallée. La restauration semble donner satisfaction, après plusieurs redémarrages, tout ce passe bien. Bien que je ne crois pas aux problèmes dus aux MàJ, je n'ai pas réinstallé celles supprimées. Après avoir consulté les différents sujets de ce forum, je me rends compte que c'est pas si simple et que la recherche d'anomalie passe par un pilotage approprié, voir personnalisé, je sollicite donc votre aide pour me dépatouiller de ce truc, au moins éliminer ou confirmer le facteur infection. Je vous remercie de l'intérêt et de l'attention que vous porterez à ce sujet.

Bonsoir ab-web, Merci des infos. Je vais malgré tout opter pour la réinstallation. J'en profiterai pour revoir ma politique sécuritaire et réorganiser mes profils utilisateurs. Merci encore à toi et bleuet pour votre participation. Je ne mets pas en résolu car ce sujet ne l'es pas et je ne sais pas quoi mettre. "Sujet sans suite" ? peut-être. A+

Bonjour ab-web, Avant de désinstaller "sauvagement" Avira, j'ai effectué un point de restauration. J'ai désinstallé en mode sans échec. Avant désinstallation, ma connexion était valide. La première chose que j'ai vérifié est l'état de la connexion. Ensuite j'ai essayé de restaurer au point précédent = échec de la restauration ?? J'ai également essayé la restauration en mode sans échec mais impossible d'ouvrir le tableau. En mode utilisateur normal et/ou Admin je n'ai plus la connexion malgré que les paramétrages soit conforme. Quand je demande au système de réparer, j'ai le message suivant : "Windows ne peut pas réparer le problème, impossible de renouveler votre adresse IP." Le réseau fonctionne car je poste depuis un autre PC relié à la même box. Entre temps, j'ai installé "Avast free", j'ai bizarrement le même soucis, pas d'éxécutable de désinstallation ? A mon avis le malaise semble plus profond que le simple problème de désinstallation. Je vais donc passer par la réinstallation complète du système Pour ton information, je souhaitais désinstallé Avira car le setup d'installation propose une Toolbar "Ask.com" qui si on la désactive empêche le fonctionnement de "Web protection". Cela me parait un peu léger même pour un gratuit. En installant avast, je me rends compte que lui aussi "impose" une installation de google chrome et qui plus est impose son utilisation par défaut si on on ne fait pas attention à l'ordre de cochage des boutons. Je pense que je vais passer à un antivirus payant mais ni avast ni avira. J'oriente mon choix vers trend micro. Voilà pour la motivation de désinstallation car autrement ce programme semble bien fonctionné.

Bonsoir bleuet, bonsoir ab-web, Tout d'abord, je vous remercie tous les deux de votre aide. Effectivement la remarque d'ab-web est judicieuse. En mode sans échec j'ai le même résultat car pas lister dans Ajout/suppression des programmes. Cependant j'ai essayé quand même dès fois que mais sans résultat. Pour ce qui est de revo uninstaller, je n'ai pas la version pro et le clic droit ne permet pas la manip. J'ai vérifié si un réglage approprié existe dans les options de révo = rien. Je crois que j'ai fait une boulette, j'ai tenté de faire une désinstallation sauvage et au redémarrage je n'ai plus la connexion internet.

Bonsoir à tous, Mon soucis est dans le sujet. Mon OS = XP Pro SP3 à jour. Je suis sous "Avira Free Antivirus" version 12.0.0.861. Lorsque j'ai installé la version 12, j'ai d'abord désinstallé la version 10 en passant normalement par Ajout/suppression de programmes. Le "Centre de sécurité Windows" confirme que l'antivirus est actif. Dans le "systray" l'icone parapluie est déployée et le popup indique que ça fonctionne. J'accède à l'interface de configuration sans problème. Les mises à jour se font normalement. Tout fonctionne quoi ! Mais impossible à désinstaller. J'ai essayé ça : - Ajout/suppression de programmes = Avira n'est pas listé dedans ??? - Dans le menu "Démarrer", un dossier "Avira Desktop" existe mais impossible de trouver le désinstalleur ??? - Dans le dossier "Avira" de "Program files" le désinstalleur n' y est pas non plus. Même en affichant les dossiers et fichiers masqués ainsi que les fichiers protégés. - Revo Uninstaller ne trouve pas non plus le dossier Avira. - A tout hasard j'ai lancé une recherche sur tous les désinstalleurs = Pas d'Avira??? - Je suis aller voir sur le forum d'Avira, la désinstallation est préconisée par Ajout/suppression de programmes puis une utilisation d'Avira Registry Cleaner. Je ne peux déjà pas exécuter la première étape ! Que faire de plus, utiliser Avira Registry Cleaner malgré tout ou sinon virer carrément le dossier Avira de "Program files" ? Si quelqu'un à la solution je suis preneur. Je vous remercie de l'attention que vous porterez à ce sujet et de l'aide que vous pourrez apporter.

Bonsoir Pear, Merci de votre aide. Je mets ce sujet en résolu.

Bonsoir, J'ai redémarrer la machine après le scan de nettoyage. Antivir me signale que le "Web protection" est défectueux et que le PC n'est pas protégé ? J'ai également relancé un ZHP Diag, il reste trois lignes de "Processus superflu du système" : C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\user.js (.not file.) O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline O44 - LFC:[MD5.CBA4B52EDA344E9BD18502EC16CAD9E5] - 01/11/2011 - 18:53:38 ---A- . (...) -- C:\hpfr3420.log [1440] Apparemment, je pense que ce n'est pas gravissime. J'ai laissé tourner la machine sans y toucher durant une heure et tout est rentré dans l'ordre, l'écran ne s'éteint plus. Je suppose que je peux désinstaller AdwCleaner.

Bonsoir Pear, Merci de votre soutien concernant mon soucis. Voici les rapport demandés : # AdwCleaner v1.316 - Rapport créé le 02/11/2011 à 17:35:05 # Mis à jour le 31/10/11 à 22h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Taranis - MAISON-8F808655 (Droits Limités) # Exécuté depuis : F:\Firefox Taranis\adwcleaner0.exe # Option [Recherche] ***** [Processus] ***** ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Présent : C:\Documents and Settings\Taranis\Local Settings\Application Data\AskToolbar Dossier Présent : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Dossier Présent : C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Conduit Fichier Présent : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job ***** [Registre] ***** Clé Présente : HKCU\Software\Ask.com Clé Présente : HKCU\Software\AskToolbar Clé Présente : HKCU\Software\APN Clé Présente : HKCU\Software\Conduit Clé Présente : HKLM\SOFTWARE\AskToolbar Clé Présente : HKLM\SOFTWARE\APN Clé Présente : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Clé Présente : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.DllInfo Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.Tools Clé Présente : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Clé Présente : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Clé Présente : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Clé Présente : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Clé Présente : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Clé Présente : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Clé Présente : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} Clé Présente : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v7.0.1 (fr) Profil : 8yv5jtro.default Fichier : C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js Présente : user_pref("CT2613520.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Présente : user_pref("CT2613520.CTID", "ct2613520"); Présente : user_pref("CT2613520.CurrentServerDate", "5-3-2011"); Présente : user_pref("CT2613520.DialogsAlignMode", "LTR"); Présente : user_pref("CT2613520.DownloadReferralCookieData", ""); Présente : user_pref("CT2613520.EMailNotifierPollDate", "Sat Mar 05 2011 12:41:34 GMT+0100"); Présente : user_pref("CT2613520.FirstServerDate", "5-3-2011"); Présente : user_pref("CT2613520.FirstTime", true); Présente : user_pref("CT2613520.FirstTimeFF3", true); Présente : user_pref("CT2613520.FirstTimeSettingsDone", true); Présente : user_pref("CT2613520.FixPageNotFoundErrors", true); Présente : user_pref("CT2613520.GroupingServerCheckInterval", 1440); Présente : user_pref("CT2613520.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Présente : user_pref("CT2613520.Initialize", true); Présente : user_pref("CT2613520.InitializeCommonPrefs", true); Présente : user_pref("CT2613520.InstallationAndCookieDataSentCount", 3); Présente : user_pref("CT2613520.InstallationType", "UnknownIntegration"); Présente : user_pref("CT2613520.InstalledDate", "Sat Mar 05 2011 12:41:34 GMT+0100"); Présente : user_pref("CT2613520.IsGrouping", false); Présente : user_pref("CT2613520.IsMulticommunity", false); Présente : user_pref("CT2613520.IsOpenThankYouPage", false); Présente : user_pref("CT2613520.IsOpenUninstallPage", false); Présente : user_pref("CT2613520.LanguagePackLastCheckTime", "Sat Mar 05 2011 12:41:39 GMT+0100"); Présente : user_pref("CT2613520.LanguagePackReloadIntervalMM", 1440); Présente : user_pref("CT2613520.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx"); Présente : user_pref("CT2613520.LastLogin_2.7.1.3", "Sat Mar 05 2011 12:41:36 GMT+0100"); Présente : user_pref("CT2613520.LatestVersion", "2.7.1.3"); Présente : user_pref("CT2613520.Locale", "fr-fr"); Présente : user_pref("CT2613520.LoginCache", 4); Présente : user_pref("CT2613520.MCDetectTooltipHeight", "83"); Présente : user_pref("CT2613520.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Présente : user_pref("CT2613520.MCDetectTooltipWidth", "295"); Présente : user_pref("CT2613520.RadioIsPodcast", false); Présente : user_pref("CT2613520.RadioMediaID", "9962"); Présente : user_pref("CT2613520.RadioMediaType", "Media Player"); Présente : user_pref("CT2613520.RadioMenuSelectedID", "EBRadioMenu_CT26135209962"); Présente : user_pref("CT2613520.RadioStationName", "California%20Rock"); Présente : user_pref("CT2613520.RadioStationURL", "hxxp://feedlive.net/california.asx"); Présente : user_pref("CT2613520.SearchFromAddressBarIsInit", true); Présente : user_pref("CT2613520.SearchInNewTabEnabled", true); Présente : user_pref("CT2613520.SearchInNewTabIntervalMM", 1440); Présente : user_pref("CT2613520.SearchInNewTabLastCheckTime", "Sat Mar 05 2011 12:41:35 GMT+0100"); Présente : user_pref("CT2613520.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); Présente : user_pref("CT2613520.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"); Présente : user_pref("CT2613520.SettingsCheckIntervalMin", 120); Présente : user_pref("CT2613520.SettingsLastCheckTime", "Sat Mar 05 2011 12:41:33 GMT+0100"); Présente : user_pref("CT2613520.SettingsLastUpdate", "1298200004"); Présente : user_pref("CT2613520.ThirdPartyComponentsInterval", 504); Présente : user_pref("CT2613520.ThirdPartyComponentsLastCheck", "Sat Mar 05 2011 12:41:33 GMT+0100"); Présente : user_pref("CT2613520.ThirdPartyComponentsLastUpdate", "1255348267"); Présente : user_pref("CT2613520.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Présente : user_pref("CT2613520.UserID", "UN24592630161310702"); Présente : user_pref("CT2613520.WeatherNetwork", ""); Présente : user_pref("CT2613520.WeatherPollDate", "Sat Mar 05 2011 12:41:35 GMT+0100"); Présente : user_pref("CT2613520.WeatherUnit", "C"); Présente : user_pref("CT2613520.alertChannelId", "1006317"); Présente : user_pref("CT2613520.clientLogIsEnabled", true); Présente : user_pref("CT2613520.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); Présente : user_pref("CT2613520.ct2613520.DialogsAlignMode", "LTR"); Présente : user_pref("CT2613520.ct2613520.FirstTimeSettingsDone", true); Présente : user_pref("CT2613520.ct2613520.InvalidateCache", false); Présente : user_pref("CT2613520.ct2613520.LanguagePackLastCheckTime", "Sat Mar 05 2011 12:41:40 GMT+0100"); Présente : user_pref("CT2613520.ct2613520.Locale", "fr-fr"); Présente : user_pref("CT2613520.ct2613520.RadioLastCheckTime", "Sat Mar 05 2011 12:41:34 GMT+0100"); Présente : user_pref("CT2613520.ct2613520.RadioLastUpdateIPServer", "3"); Présente : user_pref("CT2613520.ct2613520.RadioLastUpdateServer", "0"); Présente : user_pref("CT2613520.ct2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=ct2613520&octid=EB_ORIGINAL_CTID&SearchSource=1"); Présente : user_pref("CT2613520.ct2613520.SettingsCheckIntervalMin", 120); Présente : user_pref("CT2613520.ct2613520.SettingsLastCheckTime", "Sat Mar 05 2011 12:41:34 GMT+0100"); Présente : user_pref("CT2613520.ct2613520.SettingsLastUpdate", "1298200004"); Présente : user_pref("CT2613520.ct2613520.ThirdPartyComponentsLastCheck", "Sat Mar 05 2011 12:41:34 GMT+0100"); Présente : user_pref("CT2613520.ct2613520.ThirdPartyComponentsLastUpdate", "1255348267"); Présente : user_pref("CT2613520.myStuffEnabled", true); Présente : user_pref("CT2613520.myStuffPublihserMinWidth", 400); Présente : user_pref("CT2613520.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"); Présente : user_pref("CT2613520.myStuffServiceIntervalMM", 1440); Présente : user_pref("CT2613520.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"); Présente : user_pref("CT2613520.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); Présente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties"); Présente : user_pref("CommunityToolbar.ToolbarsList", "CT2613520"); Présente : user_pref("CommunityToolbar.ToolbarsList2", "CT2613520"); Présente : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 12:41:35 GMT+0100"); Présente : user_pref("extensions.asktb.AviraIDW-TS", "1320077985498"); Présente : user_pref("extensions.asktb.AviraIDW-XML", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<button xmlns=\"hxxp://websearch.ask.com/widgets\">\n <widget_url>hxxps://aviratoolbar.idwatchdog.com/toolbars/index</widget_url>\n <title>Basic Identity Monitoring</title>\n <tooltip>(inactive) Basic identity monitoring and alerts provide an early warning system for credit errors and fraud.</tooltip>\n <icon>hxxp://www.idwatchdog.com/emails/images/inactive_icon.png</icon>\n <cache_timer>1440</cache_timer>\n</button>"); Présente : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); Présente : user_pref("extensions.asktb.cbid", "JM"); Présente : user_pref("extensions.asktb.clear-searches-on-exit", true); Présente : user_pref("extensions.asktb.config-updated", true); Présente : user_pref("extensions.asktb.crumb", "2011.07.09+09.35.27-toolbar011iad-FR-Qm91bG9nbmUtQmlsbGFuY291cnQsRnJhbmNl"); Présente : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&gct=bar"); Présente : user_pref("extensions.asktb.dtid", "YYYYYYYYFR"); Présente : user_pref("extensions.asktb.ff-original-keyword-url", "chrome://browser-region/locale/region.properties"); Présente : user_pref("extensions.asktb.fresh-install", false); Présente : user_pref("extensions.asktb.guid", "3fa028b3-3c51-4db7-9057-da2efeaafa00"); Présente : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", \"hxxp://wiki.jeeves.ask.info\", \"69.147.125.65\", \"10.0.2.85\", \"sp.ask.com\", \"websearch.ask.com\", \"www.ask.com\", \"ask.com\"]"); Présente : user_pref("extensions.asktb.if", "first"); Présente : user_pref("extensions.asktb.l", "dis"); Présente : user_pref("extensions.asktb.last-config-req", "1320077948776"); Présente : user_pref("extensions.asktb.locale", "fr_FR"); Présente : user_pref("extensions.asktb.location", "Boulogne-Billancourt,France"); Présente : user_pref("extensions.asktb.notification-shown", true); Présente : user_pref("extensions.asktb.o", "100000080"); Présente : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Présente : user_pref("extensions.asktb.qsrc", "2871"); Présente : user_pref("extensions.asktb.r", "7"); Présente : user_pref("extensions.asktb.sa", "YES"); Présente : user_pref("extensions.asktb.saguid", "0B9A597C-D921-48F3-83CF-F9A1F003F89D"); Présente : user_pref("extensions.asktb.search-suggestions-enabled", true); Présente : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Présente : user_pref("extensions.asktb.themeid", ""); Présente : user_pref("extensions.asktb.to", ""); Présente : user_pref("extensions.asktb.v", "3.12.2.100006"); Présente : user_pref("extensions.asktb.version", "5.12.2.17367"); Présente : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9,{3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15,{d37dc5d0-431d-44e5-8c91-49419370caa1}:2.9.35,{582195F5-92E7-40a0-A127-DB71295901D7}:0.6.4.1,jqs@sun.com:1.0,keyscrambler@qfx.software.corporation:2.8.1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704,DeviceDetection@logitech.com:1.22.0.4,ietab@ip.cn:1.98.20110322,{35106bca-6c78-48c7-ac28-56df30b51d2b}:1.1.12,maps@ovi.com:4.0.12.12,{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.74,bkmrksync@nokia.com:1.0.0.740,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,toolbar@ask.com:3.12.2.17367,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18,{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"); Présente : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-W1&o=100000080&locale=fr_FR&apn_uid=3fa028b3-3c51-4db7-9057-da2efeaafa00&apn_ptnrs=JM&apn_sauid=0B9A597C-D921-48F3-83CF-F9A1F003F89D&apn_dtid=YYYYYYYYFR&q="); ************************* AdwCleaner[R1].txt - [14280 octets] - [02/11/2011 17:35:05] ########## EOF - C:\AdwCleaner[R1].txt - [14409 octets] ########## - - - - - - - - - - - - - - - # AdwCleaner v1.316 - Rapport créé le 02/11/2011 à 17:51:22 # Mis à jour le 31/10/11 à 22h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Taranis - MAISON-8F808655 (Droits Limités) # Exécuté depuis : F:\Firefox Taranis\adwcleaner0.exe # Option [suppression] - - - - - - - - - - - - - - - - # AdwCleaner v1.316 - Rapport créé le 02/11/2011 à 17:52:31 # Mis à jour le 31/10/11 à 22h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Taranis - MAISON-8F808655 (Droits Limités) # Exécuté depuis : F:\Firefox Taranis\adwcleaner0.exe # Option [suppression] ***** [KillNav] ***** Aucun navigateur n'était en cours d'exécution. ***** [Processus] ***** ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Documents and Settings\Taranis\Local Settings\Application Data\AskToolbar Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Dossier Supprimé : C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Conduit Fichier Supprimé : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job ***** [Registre] ***** Clé Supprimée : HKCU\Software\Ask.com Clé Supprimée : HKCU\Software\AskToolbar Clé Supprimée : HKCU\Software\APN Clé Supprimée : HKCU\Software\Conduit Clé Supprimée : HKLM\SOFTWARE\AskToolbar Clé Supprimée : HKLM\SOFTWARE\APN Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.DllInfo Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.Tools Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v7.0.1 (fr) Profil : 8yv5jtro.default Fichier : C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\user.js ... Supprimé ! Supprimée : user_pref("CT2613520.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Supprimée : user_pref("CT2613520.CTID", "ct2613520"); Supprimée : user_pref("CT2613520.CurrentServerDate", "5-3-2011"); Supprimée : user_pref("CT2613520.DialogsAlignMode", "LTR"); Supprimée : user_pref("CT2613520.DownloadReferralCookieData", ""); Supprimée : user_pref("CT2613520.EMailNotifierPollDate", "Sat Mar 05 2011 12:41:34 GMT+0100"); Supprimée : user_pref("CT2613520.FirstServerDate", "5-3-2011"); Supprimée : user_pref("CT2613520.FirstTime", true); Supprimée : user_pref("CT2613520.FirstTimeFF3", true); Supprimée : user_pref("CT2613520.FirstTimeSettingsDone", true); Supprimée : user_pref("CT2613520.FixPageNotFoundErrors", true); Supprimée : user_pref("CT2613520.GroupingServerCheckInterval", 1440); Supprimée : user_pref("CT2613520.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Supprimée : user_pref("CT2613520.Initialize", true); Supprimée : user_pref("CT2613520.InitializeCommonPrefs", true); Supprimée : user_pref("CT2613520.InstallationAndCookieDataSentCount", 3); Supprimée : user_pref("CT2613520.InstallationType", "UnknownIntegration"); Supprimée : user_pref("CT2613520.InstalledDate", "Sat Mar 05 2011 12:41:34 GMT+0100"); Supprimée : user_pref("CT2613520.IsGrouping", false); Supprimée : user_pref("CT2613520.IsMulticommunity", false); Supprimée : user_pref("CT2613520.IsOpenThankYouPage", false); Supprimée : user_pref("CT2613520.IsOpenUninstallPage", false); Supprimée : user_pref("CT2613520.LanguagePackLastCheckTime", "Sat Mar 05 2011 12:41:39 GMT+0100"); Supprimée : user_pref("CT2613520.LanguagePackReloadIntervalMM", 1440); Supprimée : user_pref("CT2613520.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx"); Supprimée : user_pref("CT2613520.LastLogin_2.7.1.3", "Sat Mar 05 2011 12:41:36 GMT+0100"); Supprimée : user_pref("CT2613520.LatestVersion", "2.7.1.3"); Supprimée : user_pref("CT2613520.Locale", "fr-fr"); Supprimée : user_pref("CT2613520.LoginCache", 4); Supprimée : user_pref("CT2613520.MCDetectTooltipHeight", "83"); Supprimée : user_pref("CT2613520.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Supprimée : user_pref("CT2613520.MCDetectTooltipWidth", "295"); Supprimée : user_pref("CT2613520.RadioIsPodcast", false); Supprimée : user_pref("CT2613520.RadioMediaID", "9962"); Supprimée : user_pref("CT2613520.RadioMediaType", "Media Player"); Supprimée : user_pref("CT2613520.RadioMenuSelectedID", "EBRadioMenu_CT26135209962"); Supprimée : user_pref("CT2613520.RadioStationName", "California%20Rock"); Supprimée : user_pref("CT2613520.RadioStationURL", "hxxp://feedlive.net/california.asx"); Supprimée : user_pref("CT2613520.SearchFromAddressBarIsInit", true); Supprimée : user_pref("CT2613520.SearchInNewTabEnabled", true); Supprimée : user_pref("CT2613520.SearchInNewTabIntervalMM", 1440); Supprimée : user_pref("CT2613520.SearchInNewTabLastCheckTime", "Sat Mar 05 2011 12:41:35 GMT+0100"); Supprimée : user_pref("CT2613520.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); Supprimée : user_pref("CT2613520.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"); Supprimée : user_pref("CT2613520.SettingsCheckIntervalMin", 120); Supprimée : user_pref("CT2613520.SettingsLastCheckTime", "Sat Mar 05 2011 12:41:33 GMT+0100"); Supprimée : user_pref("CT2613520.SettingsLastUpdate", "1298200004"); Supprimée : user_pref("CT2613520.ThirdPartyComponentsInterval", 504); Supprimée : user_pref("CT2613520.ThirdPartyComponentsLastCheck", "Sat Mar 05 2011 12:41:33 GMT+0100"); Supprimée : user_pref("CT2613520.ThirdPartyComponentsLastUpdate", "1255348267"); Supprimée : user_pref("CT2613520.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Supprimée : user_pref("CT2613520.UserID", "UN24592630161310702"); Supprimée : user_pref("CT2613520.WeatherNetwork", ""); Supprimée : user_pref("CT2613520.WeatherPollDate", "Sat Mar 05 2011 12:41:35 GMT+0100"); Supprimée : user_pref("CT2613520.WeatherUnit", "C"); Supprimée : user_pref("CT2613520.alertChannelId", "1006317"); Supprimée : user_pref("CT2613520.clientLogIsEnabled", true); Supprimée : user_pref("CT2613520.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); Supprimée : user_pref("CT2613520.ct2613520.DialogsAlignMode", "LTR"); Supprimée : user_pref("CT2613520.ct2613520.FirstTimeSettingsDone", true); Supprimée : user_pref("CT2613520.ct2613520.InvalidateCache", false); Supprimée : user_pref("CT2613520.ct2613520.LanguagePackLastCheckTime", "Sat Mar 05 2011 12:41:40 GMT+0100"); Supprimée : user_pref("CT2613520.ct2613520.Locale", "fr-fr"); Supprimée : user_pref("CT2613520.ct2613520.RadioLastCheckTime", "Sat Mar 05 2011 12:41:34 GMT+0100"); Supprimée : user_pref("CT2613520.ct2613520.RadioLastUpdateIPServer", "3"); Supprimée : user_pref("CT2613520.ct2613520.RadioLastUpdateServer", "0"); Supprimée : user_pref("CT2613520.ct2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=ct2613520&octid=EB_ORIGINAL_CTID&SearchSource=1"); Supprimée : user_pref("CT2613520.ct2613520.SettingsCheckIntervalMin", 120); Supprimée : user_pref("CT2613520.ct2613520.SettingsLastCheckTime", "Sat Mar 05 2011 12:41:34 GMT+0100"); Supprimée : user_pref("CT2613520.ct2613520.SettingsLastUpdate", "1298200004"); Supprimée : user_pref("CT2613520.ct2613520.ThirdPartyComponentsLastCheck", "Sat Mar 05 2011 12:41:34 GMT+0100"); Supprimée : user_pref("CT2613520.ct2613520.ThirdPartyComponentsLastUpdate", "1255348267"); Supprimée : user_pref("CT2613520.myStuffEnabled", true); Supprimée : user_pref("CT2613520.myStuffPublihserMinWidth", 400); Supprimée : user_pref("CT2613520.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"); Supprimée : user_pref("CT2613520.myStuffServiceIntervalMM", 1440); Supprimée : user_pref("CT2613520.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"); Supprimée : user_pref("CT2613520.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties"); Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2613520"); Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT2613520"); Supprimée : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 12:41:35 GMT+0100"); Supprimée : user_pref("extensions.asktb.AviraIDW-TS", "1320077985498"); Supprimée : user_pref("extensions.asktb.AviraIDW-XML", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<button xmlns=\"hxxp://websearch.ask.com/widgets\">\n <widget_url>hxxps://aviratoolbar.idwatchdog.com/toolbars/index</widget_url>\n <title>Basic Identity Monitoring</title>\n <tooltip>(inactive) Basic identity monitoring and alerts provide an early warning system for credit errors and fraud.</tooltip>\n <icon>hxxp://www.idwatchdog.com/emails/images/inactive_icon.png</icon>\n <cache_timer>1440</cache_timer>\n</button>"); Supprimée : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); Supprimée : user_pref("extensions.asktb.cbid", "JM"); Supprimée : user_pref("extensions.asktb.clear-searches-on-exit", true); Supprimée : user_pref("extensions.asktb.config-updated", true); Supprimée : user_pref("extensions.asktb.crumb", "2011.07.09+09.35.27-toolbar011iad-FR-Qm91bG9nbmUtQmlsbGFuY291cnQsRnJhbmNl"); Supprimée : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&gct=bar"); Supprimée : user_pref("extensions.asktb.dtid", "YYYYYYYYFR"); Supprimée : user_pref("extensions.asktb.ff-original-keyword-url", "chrome://browser-region/locale/region.properties"); Supprimée : user_pref("extensions.asktb.fresh-install", false); Supprimée : user_pref("extensions.asktb.guid", "3fa028b3-3c51-4db7-9057-da2efeaafa00"); Supprimée : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", \"hxxp://wiki.jeeves.ask.info\", \"69.147.125.65\", \"10.0.2.85\", \"sp.ask.com\", \"websearch.ask.com\", \"www.ask.com\", \"ask.com\"]"); Supprimée : user_pref("extensions.asktb.if", "first"); Supprimée : user_pref("extensions.asktb.l", "dis"); Supprimée : user_pref("extensions.asktb.last-config-req", "1320077948776"); Supprimée : user_pref("extensions.asktb.locale", "fr_FR"); Supprimée : user_pref("extensions.asktb.location", "Boulogne-Billancourt,France"); Supprimée : user_pref("extensions.asktb.notification-shown", true); Supprimée : user_pref("extensions.asktb.o", "100000080"); Supprimée : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Supprimée : user_pref("extensions.asktb.qsrc", "2871"); Supprimée : user_pref("extensions.asktb.r", "7"); Supprimée : user_pref("extensions.asktb.sa", "YES"); Supprimée : user_pref("extensions.asktb.saguid", "0B9A597C-D921-48F3-83CF-F9A1F003F89D"); Supprimée : user_pref("extensions.asktb.search-suggestions-enabled", true); Supprimée : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Supprimée : user_pref("extensions.asktb.themeid", ""); Supprimée : user_pref("extensions.asktb.to", ""); Supprimée : user_pref("extensions.asktb.v", "3.12.2.100006"); Supprimée : user_pref("extensions.asktb.version", "5.12.2.17367"); Supprimée : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9,{3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15,{d37dc5d0-431d-44e5-8c91-49419370caa1}:2.9.35,{582195F5-92E7-40a0-A127-DB71295901D7}:0.6.4.1,jqs@sun.com:1.0,keyscrambler@qfx.software.corporation:2.8.1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704,DeviceDetection@logitech.com:1.22.0.4,ietab@ip.cn:1.98.20110322,{35106bca-6c78-48c7-ac28-56df30b51d2b}:1.1.12,maps@ovi.com:4.0.12.12,{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.74,bkmrksync@nokia.com:1.0.0.740,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,toolbar@ask.com:3.12.2.17367,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18,{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"); Supprimée : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-W1&o=100000080&locale=fr_FR&apn_uid=3fa028b3-3c51-4db7-9057-da2efeaafa00&apn_ptnrs=JM&apn_sauid=0B9A597C-D921-48F3-83CF-F9A1F003F89D&apn_dtid=YYYYYYYYFR&q="); ************************* AdwCleaner[R1].txt - [14411 octets] - [02/11/2011 17:35:05] AdwCleaner[s1].txt - [327 octets] - [02/11/2011 17:51:22] AdwCleaner[s2].txt - [14746 octets] - [02/11/2011 17:52:31] ************************* Dossier Temporaire : 8 dossier(s)et 28 fichier(s) supprimés ########## EOF - C:\AdwCleaner[s2].txt - [14967 octets] ##########

Bonsoir à tous, Mon écran s'éteint après une dizaine de minutes sans intervention de ma part. Le système est paramétré pour ne jamais se mettre en veille ou s'éteindre. Le système = XP pro SP3 est à jour. Avira Free Antivirus version 12.0.0.861 mise à jour automatique. Zone Alarm Free Firewall version 9.2.105 mise à jour automatique. Comment j'ai procédé : - 1 / Un nettoyage avec "regseeker" et "ccleaner" fait tout rentre dans l'ordre, plus d'extinctions intempestives. Je n'ai utilisé aucun autre logiciel de nettoyage. - 2 / Une vérification avec ZHP m'amène ce soir pour une désinfection. Désolé, j'ai mis la "charrue avant les bœufs" en exécutant le nettoyage avant d'exécuter "ZHPDiag". - 3 / Un premier scan du 31/10/2011 (Copie intégrale en fin de poste) rapporte ceci dans un premier temps :- 4 / En supprimant les quatre premières lignes de "PROCESSUS SUPERFLU DU SYSTEME" qui correspondent à des profils "Firefox" que je ne me souviens pas avoir créés !!, des éléments ont été supprimés "naturellement". - 5 / Un nouveau scan du 01/11/2011 (Copie intégrale en fin de poste) après suppression ci-dessus rapporte ceci : Trois lignes de "PROCESSUS MALWARE" supprimées, il reste donc la ligne 069 ???? Toutes les lignes restantes de "PROCESSUS SUPERFLU DU SYSTEME" supprimées ???? et il apparait une nouvelle ligne 04 ?? - 6 / J'ai vérifié le contenu du fichier "pref.js" de mon profil Firefox incriminé par la ligne 069. Si ça peut servir, voici la suite de la ligne après "Results.aspx?" relevée dans le fichier : q=UCM_SEARCH_TERM&ctid=ct2613520&octid=EB_ORIGINAL_CTID&SearchSource=1"); Voilà, je pense n'avoir rien oublié. Merci de l'intérêt que vous porterez à ce sujet. Scan du 31/10/2011: Rapport de ZHPDiag v1.28.1350 par Nicolas Coolman, Update du 20/09/2011 Run by Taranis at 31/10/2011 18:12:31 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut) ---\\ Windows Product Information Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ System Information ~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1790 MB (60% free) System Restore: Activé (Enable) System drive C: has 77 GB (77%) free of 100 GB ---\\ Logged in mode ~ Computer Name: MAISON-8F808655 ~ User Name: Taranis ~ All Users Names: Taranis, SUPPORT_388945a0, Papounet, Mamounette, HelpAssistant, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Documents and Settings\Taranis\Application Data\ ~ %Desktop% : C:\Documents and Settings\Taranis\Bureau\ ~ %Favorites% : C:\Documents and Settings\Taranis\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\Taranis\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\Taranis\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 77 Go of 100 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 66 Go of 200 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 100 Go of 100 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 65 Go of 66 Go) G:\ CD-ROM drive (Not Inserted) H:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2011 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.31/10/2011 - 18:34:22.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.31/10/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.31/10/2011 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.31/10/2011 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.31/10/2011 - 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2 ~ Mes musiques (My Musics) : 1/2 ~ Mes Favoris (My Favorites) : 2/9 ~ Mes Documents (My Documents) : 5/46 ~ Mon Bureau (My Desktop) : 0/1 ~ Menu demarrer (Programs) : 4/54 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.288E9F9CB529B4F7C6B58FC53940FB46] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [643072] [PID.] [MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.] [MD5.72709089A54BDC1C5B16BC4A4B926567] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224] [PID.] [MD5.42F88BFBB76F7A63E381829479B18518] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032] [PID.] [MD5.936209B6F93D0E11659CB2D229FE6583] - (.DeviceVM, Inc. - Browser Configuration Utility Auto-recovery.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [212232] [PID.] [MD5.92E16F5D034E7864DA308BA6309A98B7] - (.Oracle Corporation - Java™ Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [161664] [PID.] [MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.] [MD5.9B03B2D34D46F88638D51066531D08DC] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [53248] [PID.] [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.] [MD5.3DAC59C2917EC09DE0892DDDCE626DF7] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [80336] [PID.] [MD5.3F3C2BD7BDDD489AAE5410D7E84DB904] - (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [463824] [PID.] [MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.] [MD5.478515FA22E17C4CA7177B3305630FA4] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [258512] [PID.3808] [MD5.5300552AC15F1A877C4B6BB6512AD1FD] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288] [PID.3864] [MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.3932] [MD5.B27935893393B1FD117D95A659310676] - (.Grégory HARGOUS - www.GregLand.Net - Pas de description.) -- C:\Program Files\StartClock\StartClock.exe [1024000] [PID.588] [MD5.61F5A23510D46FE7C02931604AFC8407] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE [149784] [PID.1156] [MD5.B89CB10DAA6B058F6EEAF4A2F489CFBF] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [2924032] [PID.3068] [MD5.B26A2F3CD6459548DB6891D138080876] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZebHelpProcess\ZHPDiag.exe [2121216] [PID.2068] ~ Scan Processes Running in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\1nmzkxk0.default\prefs.js C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\1nmzkxk0.default\user.js (.not file.) C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\user.js C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\boo0aq2r.default\prefs.js C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\boo0aq2r.default\user.js (.not file.) C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\l4vv2172.default\prefs.js C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\l4vv2172.default\user.js (.not file.) C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\rbfd77n4.default\prefs.js C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\rbfd77n4.default\user.js (.not file.) M3 - MFPP: Plugins - [Taranis] -- C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\searchplugins\askcom.xml M3 - MFPP: Plugins - [Taranis] -- C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\searchplugins\netvibes-ecosystem-search.xml M3 - MFPP: Plugins - [Taranis] -- C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\searchplugins\veosearch.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml M0 - MFSP: prefs.js [Taranis - 1nmzkxk0.default] M0 - MFSP: prefs.js [Taranis - 8yv5jtro.default] Google M0 - MFSP: prefs.js [Taranis - rbfd77n4.default] Google M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\DeviceDetection@logitech.com] [] Ð'иÑÐ²Ð»ÐµÐ½Ð½Ñ Ð¿Ñ€Ð¸Ñтроїв Logitech v1.23.0.5 (.Logitech, Inc..) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\keyscrambler@qfx.software.corporation] [] KeyScrambler v2.8.1.0 (.QFX Software Corporation.) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\toolbar@ask.com] [] Avira SearchFree Toolbar plus WebGuard v2.8.1.0 (.Ask.com.) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}] [] Noia 2.0 (eXtreme) v3.76 (.Kongkeat Kuatrakull.) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20110704 (.WOT Services Oy.) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\{d37dc5d0-431d-44e5-8c91-49419370caa1}] [] FoxClocks v2.9.35 (.Andy McDonald.) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [bitdefender] BitDefender QuickScan v0.9.9.99 (.Echipa R&D BitDefender.) P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java™ Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.DivX,Inc. - DivX Web Player version 1.4.2.7.) -- C:\Program Files\Mozilla Firefox\Plugins\npdivx32.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0042.0.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin8.dll P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16263.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.1.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.10] - (.the VideoLAN Team - Version 1.1.10, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.2] - (.the VideoLAN Team - Version 1.1.10, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll ~ Scan Firefox Browser in 00mn 01s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R0 - HKUS\S-1-5-21-1547161642-1897051121-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Google R1 - HKUS\S-1-5-21-1547161642-1897051121-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = Google R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Avira SearchFree Toolbar.) (5.12.2.17367) -- C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} . (.DeviceVM, Inc. - Browser Configuration Utility Address Bar S.) (1, 1, 7, 0) -- C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 01s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} . (.QFX Software Corporation - KeyScrambler Program DLL.) -- C:\Program Files\KeyScrambler\KeyScramblerIE.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O3 - Toolbar: Avira SearchFree Toolbar plus WebGuard - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Avira SearchFree Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: (no name) - {710EB7A1-45ED-11D0-924A-0020AFC7AC4D} . (...) -- (.not file.) ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-1547161642-1897051121-725345543-1003\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe ~ Scan Application in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} -- Clé orpheline O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ~ Scan Winsock in 00mn 00s ---\\ Onglet supplémentaire dans les options avancées d'Internet Explorer (O11) O11 - Options group: [java_sun] Java (Sun). (.Oracle Corporation - Java™ Deployment Library .) - C:\Program Files\Java\jre7\bin\deploy.dll ~ Scan IE Plugins in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1265445165234 ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{033FE895-6845-43B0-BB4F-CBB9CF81FD09}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{033FE895-6845-43B0-BB4F-CBB9CF81FD09}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{033FE895-6845-43B0-BB4F-CBB9CF81FD09}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Browser Configuration Utility Service (BCUService) . (.DeviceVM, Inc. - Browser Configuration Utility Auto-recovery.) - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java™ Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1265220527.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1547161642-1897051121-725345543-1003.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1547161642-1897051121-725345543-1003.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [MD5.4D6019BE71C720E2D29F2CE758F7A53B] [APT] [FRU Task #Hewlett-Packard#hp psc 1100 series#1265220527] (...) -- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1547161642-1897051121-725345543-1003] (...) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1547161642-1897051121-725345543-1003] (...) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe (.not file.) [MD5.9A56F00D1B12DDF940974B08E6C6AB2C] [APT] [scheduled Update for Ask Toolbar] (...) -- C:\Program Files\Ask.com\UpdateTask.exe ~ Scan Scheduled Task in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AmdPPM) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\WINDOWS\system32\DRIVERS\avkmgr.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\system32\drivers\ws2ifsl.sys O41 - Driver: (avgio) . (. - .) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys (.not file.) ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: AMD Processor Driver - (.AMD.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798} O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Amazon MP3 Downloader 1.0.9 - (.Pas de propriétaire.) [HKLM] -- Amazon MP3 Downloader O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Browser Configuration Utility - (.DeviceVM.) [HKLM] -- {5B363E1D-8C36-4458-BAE4-D5081999E094} O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 O42 - Logiciel: CPUMon - (.[den4b] Denis Kozlov.) [HKLM] -- CPUMon_is1 O42 - Logiciel: Canon SELPHY CP780 - (.Pas de propriétaire.) [HKLM] -- Canon SELPHY CP780 O42 - Logiciel: Canon Utilities SELPHY Photo Print - (.Canon Inc..) [HKLM] -- SELPHY Photo Print O42 - Logiciel: Canon Utilities SELPHY Print Contents 1.0.0 - (.Canon Inc..) [HKLM] -- SELPHY Print Contents 100 O42 - Logiciel: Corsair Flash Voyager Utility - (.Pas de propriétaire.) [HKLM] -- {41FC7856-55A1-41A6-94B1-15A1E3C050B8} O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com O42 - Logiciel: Grisbi 0.6.0 release - (.Pas de propriétaire.) [HKLM] -- Grisbi 0.6.0 release O42 - Logiciel: Hercules WebCam Station - (.Pas de propriétaire.) [HKLM] -- {D208F4A7-6B73-4C2A-8B1E-8756FCBA831E} O42 - Logiciel: Hercules Webcam - (.Pas de propriétaire.) [HKLM] -- {A250D351-A07F-4D5D-AB6C-693C69B9BFAF} O42 - Logiciel: HotFix Q0306270 - (.Pas de propriétaire.) [HKLM] -- {7D9B8EE1-7E8E-411C-8F36-2A26D2D20D5F} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: IZArc 4.1.6 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: KeyScrambler - (.QFX Software Corporation.) [HKLM] -- KeyScrambler O42 - Logiciel: Lame ACM MP3 Codec - (.Pas de propriétaire.) [HKLM] -- LameACM O42 - Logiciel: Logitech SetPoint 6.32 - (.Logitech.) [HKLM] -- SP6 O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr) O42 - Logiciel: Mozilla Thunderbird (7.0.1) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (7.0.1) O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Package de pilotes Windows - Nokia Modem (02/25/2011 4.7) - (.Nokia.) [HKLM] -- E0AC723A3DE3A04256288CADBBB011B112AED454 O42 - Logiciel: Package de pilotes Windows - Nokia Modem (02/25/2011 7.01.0.9) - (.Nokia.) [HKLM] -- 72A50F48CC5601190B9C4E74D81161693133E7F7 O42 - Logiciel: Package de pilotes Windows - Nokia Modem (03/05/2008 3.7) - (.Nokia.) [HKLM] -- CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A O42 - Logiciel: Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1) - (.Nokia.) [HKLM] -- E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 O42 - Logiciel: Photo et imagerie HP 2.0 - hp psc 1100 series - (.Pas de propriétaire.) [HKLM] -- HP PSC 1100 Series O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: Q-Dir - (.Pas de propriétaire.) [HKLM] -- Q-Dir O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM] -- {C9BED750-1211-4480-B1A5-718A3BE15525} O42 - Logiciel: RagTime Solo - (.Pas de propriétaire.) [HKLM] -- RagTime Solo O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: SpywareBlaster 4.4 - (.Javacool Software LLC.) [HKLM] -- SpywareBlaster_is1 O42 - Logiciel: StartClock 3.4 - (.Grégory HARGOUS.) [HKLM] -- StartClock_is1 O42 - Logiciel: Sélecteur d'installation de Microsoft Works 2004 - (.Pas de propriétaire.) [HKLM] -- Works2004Setup O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Winmail Reader 1.1.12 - (.Kopf.) [HKLM] -- Winmail Reader_is1 O42 - Logiciel: XnView 1.98.2 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1 O42 - Logiciel: ZebHelpProcess 2.51 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1 O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm O42 - Logiciel: xp-AntiSpy 3.97-3 - (.Christian Taubenheim.) [HKLM] -- xp-AntiSpy ---\\ HKCU & HKLM Software Keys [HKCU\Software\ABBYY] [HKCU\Software\APN] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\ISWVolatile] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Ask.com] [HKCU\Software\AskToolbar] [HKCU\Software\Astonsoft] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\Borland] [HKCU\Software\Canneverbe Limited] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conduit] [HKCU\Software\Corsair] [HKCU\Software\DVD Decrypter] [HKCU\Software\DeviceVM] [HKCU\Software\DivXNetworks] [HKCU\Software\FileHippo.com] [HKCU\Software\Freeware] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Gadwin Systems] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IDAVLab] [HKCU\Software\IM Providers] [HKCU\Software\IZSoftware] [HKCU\Software\Innovative Solutions] [HKCU\Software\Intel] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Jetico] [HKCU\Software\Lavalys] [HKCU\Software\Leadertech] [HKCU\Software\LibreOffice] [HKCU\Software\LinuxLive] [HKCU\Software\Logitech] [HKCU\Software\M4ng] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Monitored] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\ODBC] [HKCU\Software\Oak Technology] [HKCU\Software\PDFCreator] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\QFX Software] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\Ripp-it] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SoftwareOK.de] [HKCU\Software\Sysinternals] [HKCU\Software\TAdvCheckList] [HKCU\Software\Theorica] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSRevoGroup] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinmailReader] [HKCU\Software\XnView] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Zone Labs] [HKCU\Software\settings] [HKCU\Software\xp-AntiSpy] [HKLM\Software\ABBYY] [HKLM\Software\APN] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Alienware] [HKLM\Software\Amazon] [HKLM\Software\AppDataLow] [HKLM\Software\ArcSoft] [HKLM\Software\AskToolbar] [HKLM\Software\Avira] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\Canon] [HKLM\Software\Canon_Inc_IC] [HKLM\Software\CheckPoint] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\DeviceVM] [HKLM\Software\DivXNetworks] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IDAVLab] [HKLM\Software\Intel] [HKLM\Software\JavaRa] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LibreOffice] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\MDC] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\Nokia Mobile Phones] [HKLM\Software\Nokia] [HKLM\Software\ODBC] [HKLM\Software\OMSI] [HKLM\Software\Oak Technology] [HKLM\Software\OmniVision] [HKLM\Software\On2 Technologies] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PDFCreator] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\QFX Software] [HKLM\Software\RTLSetup] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Secunia] [HKLM\Software\SpywareBlaster] [HKLM\Software\Sun Microsystems] [HKLM\Software\TuneUp] [HKLM\Software\Uniblue] [HKLM\Software\VideoLAN] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\X-AVCSD] [HKLM\Software\XnView] [HKLM\Software\Zone Labs] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 04/05/2011 - 18:25:04 - [481384463] ----D- C:\Program Files\ABBYY FineReader 9.0 O43 - CFD: 09/07/2011 - 17:50:42 - [116964634] ----D- C:\Program Files\Adobe O43 - CFD: 19/08/2011 - 20:36:04 - [2662080] ----D- C:\Program Files\Amazon O43 - CFD: 03/02/2010 - 18:39:22 - [3142953] ----D- C:\Program Files\AMD O43 - CFD: 22/10/2011 - 19:35:40 - [1953820] ----D- C:\Program Files\AMD APP O43 - CFD: 09/07/2011 - 17:37:10 - [2989308] ----D- C:\Program Files\Ask.com O43 - CFD: 20/02/2010 - 18:10:28 - [7647403] ----D- C:\Program Files\Astonsoft O43 - CFD: 17/09/2011 - 15:35:20 - [17667755] ----D- C:\Program Files\ATI O43 - CFD: 22/10/2011 - 19:35:04 - [50114199] ----D- C:\Program Files\ATI Technologies O43 - CFD: 17/10/2011 - 19:24:08 - [161348018] ----D- C:\Program Files\Avira O43 - CFD: 30/01/2011 - 10:24:04 - [0] ----D- C:\Program Files\AviSynth 2.5 O43 - CFD: 02/03/2011 - 18:46:38 - [71923594] ----D- C:\Program Files\Canon O43 - CFD: 17/09/2011 - 17:21:18 - [14481603] ----D- C:\Program Files\CDBurnerXP O43 - CFD: 26/06/2011 - 17:50:52 - [0] ----D- C:\Program Files\CheckPoint O43 - CFD: 03/02/2010 - 18:15:42 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 21/08/2010 - 15:25:06 - [1110654] ----D- C:\Program Files\Corsair O43 - CFD: 06/10/2011 - 20:31:30 - [1813892] ----D- C:\Program Files\CPUMon O43 - CFD: 17/09/2011 - 17:22:44 - [4326736] ----D- C:\Program Files\Defraggler O43 - CFD: 03/02/2010 - 18:25:50 - [686078] --H-D- C:\Program Files\DeviceVM O43 - CFD: 06/02/2010 - 11:00:40 - [1595928] ----D- C:\Program Files\DIFX O43 - CFD: 17/09/2011 - 17:33:28 - [376398693] ----D- C:\Program Files\Fichiers communs O43 - CFD: 16/09/2011 - 20:45:50 - [381086] ----D- C:\Program Files\FileHippo.com O43 - CFD: 05/03/2011 - 14:30:22 - [75703715] ----D- C:\Program Files\Google O43 - CFD: 11/02/2011 - 18:31:36 - [23634093] ----D- C:\Program Files\Grisbi 0.6.0 release O43 - CFD: 06/02/2010 - 10:40:00 - [593703879] ----D- C:\Program Files\Hercules O43 - CFD: 03/02/2010 - 19:08:44 - [383005145] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 23/10/2011 - 10:47:24 - [39042307] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 16/09/2011 - 19:35:58 - [6218856] ----D- C:\Program Files\Internet Explorer O43 - CFD: 17/09/2011 - 17:27:32 - [15879488] ----D- C:\Program Files\IZArc O43 - CFD: 17/09/2011 - 17:33:04 - [178543102] ----D- C:\Program Files\Java O43 - CFD: 06/02/2010 - 16:23:06 - [427944] ----D- C:\Program Files\JavaRa O43 - CFD: 10/06/2011 - 21:29:02 - [3636496] ----D- C:\Program Files\KeyScrambler O43 - CFD: 15/07/2011 - 13:19:04 - [458156175] ----D- C:\Program Files\LibreOffice 3 O43 - CFD: 21/10/2011 - 17:13:36 - [23342150] ----D- C:\Program Files\Logitech O43 - CFD: 15/09/2011 - 19:01:18 - [7028520] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 06/02/2010 - 10:17:46 - [2152579] ----D- C:\Program Files\Messenger O43 - CFD: 04/06/2010 - 22:05:04 - [226432] ----D- C:\Program Files\Microsoft O43 - CFD: 03/02/2010 - 18:18:22 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 04/02/2010 - 17:48:16 - [91455654] ----D- C:\Program Files\Microsoft Office O43 - CFD: 03/02/2010 - 19:37:42 - [185951459] ----D- C:\Program Files\Microsoft Works O43 - CFD: 03/02/2010 - 19:29:32 - [7824320] ----D- C:\Program Files\Microsoft Works Suite 2004 O43 - CFD: 01/05/2011 - 14:38:38 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 21/10/2011 - 17:36:08 - [42704115] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 21/10/2011 - 17:46:12 - [40726931] ----D- C:\Program Files\Mozilla Thunderbird O43 - CFD: 06/02/2010 - 09:45:00 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 13/03/2010 - 17:58:50 - [54796833] ----D- C:\Program Files\MSECache O43 - CFD: 03/02/2010 - 18:14:52 - [19278399] ----D- C:\Program Files\MSN O43 - CFD: 03/02/2010 - 18:15:22 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 06/02/2010 - 10:29:24 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 03/02/2010 - 18:16:54 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 10/07/2011 - 09:57:38 - [139122004] ----D- C:\Program Files\Nokia O43 - CFD: 27/02/2010 - 13:48:38 - [489912] ----D- C:\Program Files\NOS O43 - CFD: 03/02/2010 - 18:15:30 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 01/05/2011 - 14:37:36 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 10/07/2011 - 09:56:54 - [13586855] ----D- C:\Program Files\PC Connectivity Solution O43 - CFD: 17/09/2011 - 17:42:00 - [32867587] ----D- C:\Program Files\PDFCreator O43 - CFD: 21/03/2010 - 19:07:50 - [598933] ----D- C:\Program Files\Q-Dir O43 - CFD: 06/10/2011 - 20:31:20 - [673546] ----D- C:\Program Files\Q-Dir_Portable O43 - CFD: 23/03/2010 - 18:58:50 - [55040784] ----D- C:\Program Files\RagTime Solo O43 - CFD: 19/08/2011 - 14:50:16 - [0] ----D- C:\Program Files\Real O43 - CFD: 03/02/2010 - 18:41:38 - [70681010] ----D- C:\Program Files\Realtek O43 - CFD: 06/02/2010 - 09:44:56 - [36400897] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 02/06/2010 - 16:54:18 - [6266910] ----D- C:\Program Files\RegSeeker O43 - CFD: 07/02/2010 - 11:08:38 - [794507] ----D- C:\Program Files\SafeXP O43 - CFD: 03/02/2010 - 18:17:18 - [1025] ----D- C:\Program Files\Services en ligne O43 - CFD: 27/01/2011 - 18:43:04 - [3207581] ----D- C:\Program Files\SpamBayes O43 - CFD: 04/02/2010 - 21:59:12 - [67295889] ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD: 17/10/2011 - 20:10:34 - [5663474] ----D- C:\Program Files\SpywareBlaster O43 - CFD: 02/03/2010 - 20:32:14 - [0] ----D- C:\Program Files\Stardock O43 - CFD: 11/06/2010 - 21:17:00 - [1824866] ----D- C:\Program Files\StartClock O43 - CFD: 13/05/2011 - 21:04:46 - [0] ----D- C:\Program Files\ToniArts O43 - CFD: 12/10/2010 - 18:01:42 - [0] ----D- C:\Program Files\Trend Micro O43 - CFD: 03/02/2010 - 18:22:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 01/05/2011 - 15:31:28 - [232012] ----D- C:\Program Files\Unlocker O43 - CFD: 06/02/2010 - 17:06:02 - [84966644] ----D- C:\Program Files\VideoLAN O43 - CFD: 26/06/2011 - 09:54:14 - [6813675] ----D- C:\Program Files\VS Revo Group O43 - CFD: 04/06/2010 - 22:05:24 - [81920207] ----D- C:\Program Files\Windows Live O43 - CFD: 09/07/2010 - 17:59:54 - [4956013] ----D- C:\Program Files\Windows Media Player O43 - CFD: 03/02/2010 - 18:15:16 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 03/02/2010 - 18:17:20 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 06/02/2010 - 17:04:48 - [1921830] ----D- C:\Program Files\Winmail Reader O43 - CFD: 03/02/2010 - 18:18:22 - [0] ----D- C:\Program Files\xerox O43 - CFD: 17/09/2011 - 18:01:48 - [29789347] ----D- C:\Program Files\XnView O43 - CFD: 06/02/2010 - 15:32:22 - [631028] ----D- C:\Program Files\xp-AntiSpy O43 - CFD: 31/10/2011 - 18:12:36 - [121648444] ----D- C:\Program Files\ZebHelpProcess O43 - CFD: 04/02/2010 - 22:19:56 - [21741707] ----D- C:\Program Files\Zone Labs O43 - CFD: 06/02/2010 - 16:49:52 - [5173920] ----D- C:\Program Files\Fichiers Communs\ABBYY O43 - CFD: 09/07/2011 - 17:50:50 - [3556041] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 07/02/2010 - 22:26:40 - [628585] ----D- C:\Program Files\Fichiers Communs\Ahead O43 - CFD: 06/02/2010 - 10:41:22 - [4890866] ----D- C:\Program Files\Fichiers Communs\ArcSoft O43 - CFD: 27/09/2010 - 18:31:28 - [7675824] ----D- C:\Program Files\Fichiers Communs\Borland Shared O43 - CFD: 02/03/2011 - 18:42:38 - [880669] ----D- C:\Program Files\Fichiers Communs\Canon O43 - CFD: 03/02/2010 - 19:36:52 - [86016] ----D- C:\Program Files\Fichiers Communs\Designer O43 - CFD: 03/02/2010 - 19:04:44 - [140439] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard O43 - CFD: 03/02/2010 - 18:26:08 - [6757578] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 17/09/2011 - 17:33:28 - [1239723] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 21/10/2011 - 17:14:40 - [23565544] ----D- C:\Program Files\Fichiers Communs\LogiShrd O43 - CFD: 16/09/2011 - 19:40:28 - [132559667] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 03/02/2010 - 18:16:50 - [592384] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 04/08/2011 - 13:44:34 - [84064334] ----D- C:\Program Files\Fichiers Communs\Nokia O43 - CFD: 03/02/2010 - 19:08:58 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 10/07/2011 - 09:57:40 - [88064] ----D- C:\Program Files\Fichiers Communs\PCSuite O43 - CFD: 03/02/2010 - 18:16:52 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 03/02/2010 - 19:08:56 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 03/02/2010 - 18:16:16 - [7450293] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 06/02/2010 - 11:05:30 - [93253411] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 27/11/2010 - 12:59:46 - [183433] ----D- C:\Documents and Settings\Taranis\Application Data\Adobe O43 - CFD: 07/02/2010 - 11:03:40 - [43062] ----D- C:\Documents and Settings\Taranis\Application Data\Ahead O43 - CFD: 17/01/2011 - 21:25:00 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\Apple Computer O43 - CFD: 06/02/2010 - 10:42:52 - [121] ----D- C:\Documents and Settings\Taranis\Application Data\ArcSoft O43 - CFD: 03/02/2010 - 19:01:08 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\ATI O43 - CFD: 17/10/2011 - 19:24:50 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\Avira O43 - CFD: 02/03/2011 - 19:15:52 - [6602] ----D- C:\Documents and Settings\Taranis\Application Data\Canon O43 - CFD: 05/03/2011 - 12:32:58 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\CheckPoint O43 - CFD: 09/05/2010 - 15:20:00 - [1503] ----D- C:\Documents and Settings\Taranis\Application Data\DeepBurner O43 - CFD: 25/09/2010 - 14:46:58 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\DivX O43 - CFD: 11/02/2011 - 18:44:32 - [4620] ----D- C:\Documents and Settings\Taranis\Application Data\Grisbi O43 - CFD: 11/02/2011 - 18:46:22 - [203] ----D- C:\Documents and Settings\Taranis\Application Data\gtk-2.0 O43 - CFD: 03/02/2010 - 19:09:06 - [2828] ----D- C:\Documents and Settings\Taranis\Application Data\Hewlett-Packard O43 - CFD: 02/05/2011 - 21:00:36 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\InstallShield O43 - CFD: 26/03/2010 - 17:45:06 - [345] ----D- C:\Documents and Settings\Taranis\Application Data\Leadertech O43 - CFD: 14/07/2011 - 11:10:54 - [1994120] ----D- C:\Documents and Settings\Taranis\Application Data\LibreOffice O43 - CFD: 26/03/2010 - 17:43:06 - [459340] ----D- C:\Documents and Settings\Taranis\Application Data\Logishrd O43 - CFD: 26/03/2010 - 17:45:32 - [28765] ----D- C:\Documents and Settings\Taranis\Application Data\Logitech O43 - CFD: 06/02/2010 - 09:58:06 - [470] ----D- C:\Documents and Settings\Taranis\Application Data\Macromedia O43 - CFD: 06/02/2010 - 17:18:16 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\Malwarebytes O43 - CFD: 27/11/2010 - 12:59:46 - [3611939] -S--D- C:\Documents and Settings\Taranis\Application Data\Microsoft O43 - CFD: 04/02/2010 - 17:57:00 - [45502597] ----D- C:\Documents and Settings\Taranis\Application Data\Mozilla O43 - CFD: 10/07/2011 - 17:37:32 - [1102022] ----D- C:\Documents and Settings\Taranis\Application Data\Nokia O43 - CFD: 25/10/2010 - 19:49:48 - [33179] ----D- C:\Documents and Settings\Taranis\Application Data\Nokia Ovi Suite O43 - CFD: 14/02/2010 - 19:01:54 - [2519551] ----D- C:\Documents and Settings\Taranis\Application Data\OpenOffice.org O43 - CFD: 25/10/2010 - 17:42:20 - [784977] ----D- C:\Documents and Settings\Taranis\Application Data\PC Suite O43 - CFD: 17/09/2011 - 17:41:58 - [1536] ----D- C:\Documents and Settings\Taranis\Application Data\pdfforge O43 - CFD: 21/03/2010 - 19:10:00 - [690] ----D- C:\Documents and Settings\Taranis\Application Data\Q-Dir O43 - CFD: 10/06/2011 - 21:36:36 - [95] ----D- C:\Documents and Settings\Taranis\Application Data\QFX Software O43 - CFD: 03/08/2011 - 14:02:28 - [58268] ----D- C:\Documents and Settings\Taranis\Application Data\QuickScan O43 - CFD: 23/03/2010 - 18:59:00 - [27040] ----D- C:\Documents and Settings\Taranis\Application Data\RagTime O43 - CFD: 19/08/2011 - 14:49:50 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\Real O43 - CFD: 26/01/2011 - 21:00:32 - [144373] ----D- C:\Documents and Settings\Taranis\Application Data\SpamBayes O43 - CFD: 04/02/2010 - 17:40:10 - [89995369] ----D- C:\Documents and Settings\Taranis\Application Data\Sun O43 - CFD: 06/06/2010 - 12:49:58 - [16798852] ----D- C:\Documents and Settings\Taranis\Application Data\Thunderbird O43 - CFD: 09/07/2011 - 18:02:20 - [789313] ----D- C:\Documents and Settings\Taranis\Application Data\vlc O43 - CFD: 09/07/2011 - 19:34:30 - [2148423] ----D- C:\Documents and Settings\Taranis\Application Data\XnView O43 - CFD: 06/02/2010 - 16:48:08 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\ABBYY O43 - CFD: 27/11/2010 - 13:55:24 - [176320813] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Adobe O43 - CFD: 07/02/2010 - 11:03:32 - [1973629] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Ahead O43 - CFD: 17/01/2011 - 21:20:10 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Apple O43 - CFD: 17/01/2011 - 21:19:52 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Apple Computer O43 - CFD: 09/07/2011 - 17:37:06 - [586] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\AskToolbar O43 - CFD: 03/02/2010 - 19:01:08 - [67077] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\ATI O43 - CFD: 05/03/2011 - 14:33:52 - [42741924] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Google O43 - CFD: 03/02/2010 - 19:45:52 - [309460] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Identities O43 - CFD: 13/03/2010 - 17:06:16 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Innovative Solutions O43 - CFD: 20/10/2010 - 20:00:00 - [170] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\LogiShrd O43 - CFD: 17/09/2011 - 15:46:38 - [276168087] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Microsoft O43 - CFD: 04/02/2010 - 17:34:58 - [41811969] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Mozilla O43 - CFD: 25/10/2010 - 17:44:26 - [2095601] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Nokia O43 - CFD: 04/08/2011 - 13:46:42 - [1981] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\NokiaAccount O43 - CFD: 16/09/2011 - 20:20:38 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Solid State Networks O43 - CFD: 09/10/2011 - 09:46:50 - [488] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Sun O43 - CFD: 27/11/2010 - 12:59:46 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Temp O43 - CFD: 17/09/2011 - 17:51:38 - [1063401] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Thunderbird ~ Scan Program Folder in 00mn 23s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3C0928BBD6978D3FCAA7A080E9A44E0F] - 31/10/2011 - 18:11:10 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1988625] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/10/2011 - 18:10:33 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.01005F368D15F9AE27E60B343F328235] - 31/10/2011 - 18:10:17 ---A- . (...) -- C:\WINDOWS\wiadebug.log [236] O44 - LFC:[MD5.CB2C707507B5475AAD550CFA83A5A9B7] - 31/10/2011 - 18:10:17 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.C49582596A0D160FB1C3C1182955E217] - 31/10/2011 - 18:09:55 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.8DF18DC8A297279B7A504CF83A0A64AC] - 31/10/2011 - 18:08:25 ---A- . (...) -- C:\WINDOWS\setupapi.log [2254] O44 - LFC:[MD5.B27E3DBAB707978F35225297A0BE58FA] - 31/10/2011 - 13:38:18 ---A- . (...) -- C:\hpfr3420.log [108531] O44 - LFC:[MD5.BEE0ED334200A702B9D9D9AD20230205] - 31/10/2011 - 13:38:18 ---A- . (...) -- C:\hpfr3420.xml [525] O44 - LFC:[MD5.CE0631B8799A0620C41172DA2A96B57E] - 31/10/2011 - 09:29:38 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1101918] O44 - LFC:[MD5.E0EDA7697E17E20D944DFFC0184DB01B] - 31/10/2011 - 09:29:38 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [68456] O44 - LFC:[MD5.AE00D617FC16AA3A785808AF03F90839] - 31/10/2011 - 09:29:38 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [82120] O44 - LFC:[MD5.39C21B5C1218AE72C2EF5D800043B26C] - 31/10/2011 - 09:29:38 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [434268] O44 - LFC:[MD5.20798190C589F370E8FA45BA8E7E5EB7] - 31/10/2011 - 09:29:38 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [503644] O44 - LFC:[MD5.04D0D830FE7C642DC4B33DB8DFA4E106] - 30/10/2011 - 11:11:54 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206] O44 - LFC:[MD5.24A0D16D170194B5812EA08542EBDB62] - 23/10/2011 - 10:49:03 R--A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2870.sys [829792] O44 - LFC:[MD5.729388F023E46828037709F8D29F4C69] - 23/10/2011 - 10:49:03 R--A- . (.Ralink Technology, Inc. - Ralink CoInstaller Dynamic Link Library.) -- C:\WINDOWS\system32\RaCoInst.dll [238944] O44 - LFC:[MD5.5E0A40F4C4BD333C9D2ACCA8AE964F6F] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Control Panel.) -- C:\WINDOWS\system32\javacpl.cpl [128000] O44 - LFC:[MD5.EA0824063E8031B01F7850079689B22F] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Platform SE binary.) -- C:\WINDOWS\system32\deployJava1.dll [544656] O44 - LFC:[MD5.5938C760D06989E55A814EE88FE20E83] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Platform SE binary.) -- C:\WINDOWS\system32\java.exe [173960] O44 - LFC:[MD5.7F5FE240DBF4B9132AC492E94DC65CCF] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Platform SE binary.) -- C:\WINDOWS\system32\javaw.exe [173960] O44 - LFC:[MD5.A17B354254FCE7FBC045948533737166] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Web Start Launcher.) -- C:\WINDOWS\system32\javaws.exe [214408] O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 21/10/2011 - 17:17:11 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [414368] O44 - LFC:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 21/10/2011 - 17:14:03 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\WINDOWS\system32\drivers\LNonPnP.sys [16400] O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/10/2011 - 19:24:12 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O44 - LFC:[MD5.912D23140CD05980F6CDAE790DDAFC8D] - 11/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [134344] O44 - LFC:[MD5.271CFD1A989209B1964E24D969552BF7] - 11/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Manager Driver.) -- C:\WINDOWS\system32\drivers\avkmgr.sys [36000] O44 - LFC:[MD5.7713E4EB0276702FAA08E52A6E23F2A6] - 11/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [74640] O44 - LFC:[MD5.8BB0A3D4A2F50118EE3AF2E03B44853F] - 06/10/2011 - 20:40:53 ---A- . (...) -- C:\WINDOWS\Q-Dir.ini [3600] O44 - LFC:[MD5.3CF09A0A997B6F6A2929296E74B32C11] - 27/05/2010 - 15:49:06 R--A- . (...) -- C:\WINDOWS\system32\RaCoInst.dat [14051] ~ Scan Files in 00mn 40s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - outlook.exe - StripMyRights.exe /D /L N O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech™ DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\system32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.lameacm"="LameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\system32\LameACM.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"LameACM.acm"="Lame ACM MP3 Codec" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\system32\LameACM.acm ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.A7B8A3A79D35215D798A300DF49ED23F] - 31/10/2011 - 14:58:56 ---A- . (.Arcsoft, Inc. - Arcsoft® ASPI Shell.) -- C:\WINDOWS\system32\drivers\afc.sys [11776] O58 - SDL:[MD5.B34B1AB0A7690A0E2301FEC6D17B2FC1] - 31/10/2011 - 20:28:37 ---A- . (.Oak Technology Inc. - Audio File System.) -- C:\WINDOWS\system32\drivers\AFS2K.SYS [82380] O58 - SDL:[MD5.F6AF59D6EEE5E1C304F7F73706AD11D8] - 31/10/2011 - 13:10:12 ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\Ambfilt.sys [1684736] O58 - SDL:[MD5.033448D435E65C4BD72E70521FD05C76] - 31/10/2011 - 16:46:34 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdPPM.sys [33792] O58 - SDL:[MD5.913DA327AD22C6FA44C41D36FD8CC570] - 31/10/2011 - 23:20:10 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [7084544] O58 - SDL:[MD5.7713E4EB0276702FAA08E52A6E23F2A6] - 31/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [74640] O58 - SDL:[MD5.912D23140CD05980F6CDAE790DDAFC8D] - 31/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [134344] O58 - SDL:[MD5.271CFD1A989209B1964E24D969552BF7] - 31/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Manager Driver.) -- C:\WINDOWS\system32\drivers\avkmgr.sys [36000] O58 - SDL:[MD5.CFE3462A9E94A57DCD9676F6B7FE7F67] - 31/10/2011 - 09:12:28 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmb.sys [18176] O58 - SDL:[MD5.8F2A94F991F8C73CEC26B4B5620D1EDC] - 31/10/2011 - 09:12:32 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys [23168] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 31/10/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 31/10/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 31/10/2011 - 08:36:06 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384] O58 - SDL:[MD5.863CC3A82C63C9F60ACF2E85D5310620] - 31/10/2011 - 05:31:00 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\hpzid412.sys [51024] O58 - SDL:[MD5.08CB72E95DD75B61F2966B311D0E4366] - 31/10/2011 - 05:31:02 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16080] O58 - SDL:[MD5.CA990306ED4EF732AF9695BFF24FC96F] - 31/10/2011 - 05:31:02 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21456] O58 - SDL:[MD5.8F1BB80D589AFFB9C5E9CD7544251B29] - 31/10/2011 - 23:14:38 ---A- . (.QFX Software Corporation - KeyScrambler Keyboard Encryption Driver.) -- C:\WINDOWS\system32\drivers\keyscrambler.sys [225856] O58 - SDL:[MD5.BE2DC24D403643A2D1D98F33C7087B38] - 31/10/2011 - 07:30:58 ---A- . (.Logitech, Inc. - Logitech Consumer Control Filter Driver..) -- C:\WINDOWS\system32\drivers\LBeepKE.sys [12184] O58 - SDL:[MD5.01CC7FB6E790EF044B411377F3A1FF41] - 31/10/2011 - 07:31:20 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys [41240] O58 - SDL:[MD5.A2E7EAE8898D7B4B8C302B8F4E836BB5] - 31/10/2011 - 07:31:28 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys [39192] O58 - SDL:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 31/10/2011 - 17:14:03 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\WINDOWS\system32\drivers\LNonPnP.sys [16400] O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 31/10/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216] O58 - SDL:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 31/10/2011 - 08:41:48 ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\system32\drivers\Monfilt.sys [1389056] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 31/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.99145C5D4B6C4D6F5CE83EE6ABFFE294] - 31/10/2011 - 09:09:48 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys [137600] O58 - SDL:[MD5.FAEE7B61C6885B091CEC1FF06DA2E1AB] - 31/10/2011 - 09:09:48 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8576] O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 31/10/2011 - 09:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816] O58 - SDL:[MD5.A20AC92609F3B246BE3B761BB72FC6A5] - 31/10/2011 - 10:29:08 R--A- . (.Prolific Technology Inc. - Prolific Flash Disk Filter Driver.) -- C:\WINDOWS\system32\drivers\plff.sys [7424] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 31/10/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 31/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 31/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.24A0D16D170194B5812EA08542EBDB62] - 31/10/2011 - 15:52:12 R--A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2870.sys [829792] O58 - SDL:[MD5.00FD6811350E175585ABCF7D4A61DD90] - 31/10/2011 - 03:22:16 R--A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [141568] O58 - SDL:[MD5.0C5A04F0FFAEBC25AC815EE14441A8CB] - 31/10/2011 - 11:02:46 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [5085184] O58 - SDL:[MD5.1674A34F0084BFFDEC2DCDB1625A87F0] - 31/10/2011 - 02:03:54 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtKHDMI.sys [3733760] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 31/10/2011 - 08:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 31/10/2011 - 14:14:27 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.E57B778208C783D8DEBAB320C16A1B82] - 31/10/2011 - 13:48:56 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5504] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 31/10/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.EC01DA44B090D2651FC032C8B9257232] - 31/10/2011 - 09:12:36 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [8192] O58 - SDL:[MD5.4ABD37CFBD710E64F01F9DA8710C73F7] - 31/10/2011 - 09:12:38 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [8192] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 31/10/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 31/10/2011 - 20:33:26 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 31/10/2011 - 08:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 31/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 31/10/2011 - 08:49:52 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 31/10/2011 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 31/10/2011 - 08:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 31/10/2011 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 31/10/2011 - 08:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.5D6401DB90EC81B71F8E2C5C8F0FEF23] - 31/10/2011 - 14:28:46 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys [5248] O58 - SDL:[MD5.050C38EBB22512122E54B47DC278BCCD] - 31/10/2011 - 10:02:32 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\system32\vsdatant.sys [532224] ~ Scan Drivers in 00mn 01s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created 31/10/2011 - 09:05:26 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-29.json [38938] O61 - LFC:Last File Created 31/10/2011 - 09:13:45 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\elemhide.css [969352] O61 - LFC:Last File Created 31/10/2011 - 09:25:16 -SHA- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Credentials\S-1-5-21-1547161642-1897051121-725345543-1007\Credentials [588] O61 - LFC:Last File Created 31/10/2011 - 09:39:40 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Cegetel\Inbox\00E318E2-00000AF1.eml [4977] O61 - LFC:Last File Created 31/10/2011 - 09:39:43 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Cegetel\Sent Items\0CE157AA-0000030B.eml [5948] O61 - LFC:Last File Created 31/10/2011 - 09:41:51 ---A- C:\Documents And Settings\Mamounette\Bureau\DSCN0738.MOV [42744265] O61 - LFC:Last File Created 31/10/2011 - 09:43:51 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Backup\new\Mail.MSMessageStore [2121728] O61 - LFC:Last File Created 31/10/2011 - 09:43:51 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Mail.pat [16384] O61 - LFC:Last File Created 31/10/2011 - 09:43:52 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Backup\new\Mail.pat [16384] O61 - LFC:Last File Created 31/10/2011 - 10:16:44 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-31.json [38938] O61 - LFC:Last File Created 31/10/2011 - 11:16:53 -S-A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [552] O61 - LFC:Last File Created 31/10/2011 - 11:16:53 -S-A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [132] O61 - LFC:Last File Created 31/10/2011 - 11:30:06 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-30.json [38938] O61 - LFC:Last File Created 31/10/2011 - 12:32:58 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\IdentityCRL\Production\MetaConfig.xml [163] O61 - LFC:Last File Created 31/10/2011 - 12:34:02 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\signons.sqlite [33792] O61 - LFC:Last File Created 31/10/2011 - 13:14:25 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\8e979cda-4dd5-44f3-9b23-1a15ce401a04.dmp [18037] O61 - LFC:Last File Created 31/10/2011 - 13:14:25 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\8e979cda-4dd5-44f3-9b23-1a15ce401a04.extra [2180] O61 - LFC:Last File Created 31/10/2011 - 13:30:22 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Adobe\Acrobat\10.0\UserCache.bin [61739] O61 - LFC:Last File Created 31/10/2011 - 13:34:26 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Adobe\Acrobat\10.0\SharedDataEvents [5120] O61 - LFC:Last File Created 31/10/2011 - 13:41:01 ---A- C:\Documents And Settings\Mamounette\Local Settings\Temp\WLMDSS.tmp\WLMFC.tmp\DSCN0695.JPG [4691460] O61 - LFC:Last File Created 31/10/2011 - 13:41:01 ---A- C:\Documents And Settings\Mamounette\Local Settings\Temp\WLMDSS.tmp\WLMFC.tmp\DSCN0705.JPG [4709447] O61 - LFC:Last File Created 31/10/2011 - 13:41:01 ---A- C:\Documents And Settings\Mamounette\Local Settings\Temp\WLMDSS.tmp\WLMFC.tmp\S7309537 - Copie.JPG [3011034] O61 - LFC:Last File Created 31/10/2011 - 13:42:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cert8.db [229376] O61 - LFC:Last File Created 31/10/2011 - 13:42:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\key3.db [16384] O61 - LFC:Last File Created 31/10/2011 - 13:42:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\localstore.rdf [33782] O61 - LFC:Last File Created 31/10/2011 - 13:43:27 ---A- C:\Documents And Settings\Mamounette\Application Data\vlc\ml.xspf [304] O61 - LFC:Last File Created 31/10/2011 - 14:43:48 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js [34706] O61 - LFC:Last File Created 31/10/2011 - 14:45:44 ---A- C:\Documents And Settings\Mamounette\Bureau\DSCN0825.JPG [1435311] O61 - LFC:Last File Created 31/10/2011 - 14:45:56 ---A- C:\Documents And Settings\Mamounette\Bureau\DSCN0826.JPG [1471012] O61 - LFC:Last File Created 31/10/2011 - 15:05:45 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\cache.js [705211] O61 - LFC:Last File Created 31/10/2011 - 15:05:51 ---A- C:\Documents And Settings\Mamounette\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [470] O61 - LFC:Last File Created 31/10/2011 - 15:05:53 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\eda3fc38-0087-49ab-8ffa-c0465b3cbe3e.dmp [18037] O61 - LFC:Last File Created 31/10/2011 - 15:05:53 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\eda3fc38-0087-49ab-8ffa-c0465b3cbe3e.extra [2180] O61 - LFC:Last File Created 31/10/2011 - 15:06:51 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\urlclassifier3.sqlite [50352128] O61 - LFC:Last File Created 31/10/2011 - 15:10:53 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IPM\IpmDocument.html [6277] O61 - LFC:Last File Created 31/10/2011 - 15:13:31 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IPM\IpmMessages.xml [328] O61 - LFC:Last File Created 31/10/2011 - 15:13:47 --HA- C:\Documents And Settings\Administrateur\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 31/10/2011 - 15:14:54 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-6c45e832.idx [487] O61 - LFC:Last File Created 31/10/2011 - 15:15:20 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\UpdateDL.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:19:38 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegDPF-Global.reg [2475] O61 - LFC:Last File Created 31/10/2011 - 15:20:58 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegBHO-Global.reg [581] O61 - LFC:Last File Created 31/10/2011 - 15:21:37 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante36.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:21:53 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante37.zip [735] O61 - LFC:Last File Created 31/10/2011 - 15:21:55 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante38.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:21:56 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante39.zip [736] O61 - LFC:Last File Created 31/10/2011 - 15:21:57 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante40.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:21:59 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante41.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:22:01 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante42.zip [733] O61 - LFC:Last File Created 31/10/2011 - 15:22:02 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante43.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:22:03 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante44.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:22:04 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante45.zip [735] O61 - LFC:Last File Created 31/10/2011 - 15:22:04 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante46.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:22:05 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante47.zip [736] O61 - LFC:Last File Created 31/10/2011 - 15:22:05 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante48.zip [735] O61 - LFC:Last File Created 31/10/2011 - 15:22:06 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante49.zip [735] O61 - LFC:Last File Created 31/10/2011 - 15:22:07 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante50.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:22:07 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante51.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:22:08 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante52.zip [740] O61 - LFC:Last File Created 31/10/2011 - 15:22:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante53.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:22:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante54.zip [736] O61 - LFC:Last File Created 31/10/2011 - 15:22:10 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante55.zip [733] O61 - LFC:Last File Created 31/10/2011 - 15:22:11 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante56.zip [733] O61 - LFC:Last File Created 31/10/2011 - 15:22:12 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante57.zip [741] O61 - LFC:Last File Created 31/10/2011 - 15:22:13 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante58.zip [741] O61 - LFC:Last File Created 31/10/2011 - 15:22:14 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante59.zip [724] O61 - LFC:Last File Created 31/10/2011 - 15:22:15 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante60.zip [721] O61 - LFC:Last File Created 31/10/2011 - 15:22:15 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante61.zip [759] O61 - LFC:Last File Created 31/10/2011 - 15:22:16 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante62.zip [755] O61 - LFC:Last File Created 31/10/2011 - 15:22:17 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante63.zip [776] O61 - LFC:Last File Created 31/10/2011 - 15:22:18 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante64.zip [767] O61 - LFC:Last File Created 31/10/2011 - 15:22:19 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante65.zip [761] O61 - LFC:Last File Created 31/10/2011 - 15:22:24 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante66.zip [770] O61 - LFC:Last File Created 31/10/2011 - 15:22:26 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante67.zip [756] O61 - LFC:Last File Created 31/10/2011 - 15:22:28 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante68.zip [755] O61 - LFC:Last File Created 31/10/2011 - 15:22:29 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante69.zip [760] O61 - LFC:Last File Created 31/10/2011 - 15:22:30 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante70.zip [754] O61 - LFC:Last File Created 31/10/2011 - 15:22:30 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante71.zip [766] O61 - LFC:Last File Created 31/10/2011 - 15:22:31 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante72.zip [762] O61 - LFC:Last File Created 31/10/2011 - 15:22:31 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante73.zip [708] O61 - LFC:Last File Created 31/10/2011 - 15:22:32 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante74.zip [709] O61 - LFC:Last File Created 31/10/2011 - 15:22:32 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante75.zip [709] O61 - LFC:Last File Created 31/10/2011 - 15:22:33 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante76.zip [709] O61 - LFC:Last File Created 31/10/2011 - 15:22:33 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante77.zip [709] O61 - LFC:Last File Created 31/10/2011 - 15:22:34 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante78.zip [710] O61 - LFC:Last File Created 31/10/2011 - 15:22:37 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante79.zip [710] O61 - LFC:Last File Created 31/10/2011 - 15:22:38 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante80.zip [710] O61 - LFC:Last File Created 31/10/2011 - 15:22:38 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante81.zip [709] O61 - LFC:Last File Created 31/10/2011 - 15:22:38 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante82.zip [711] O61 - LFC:Last File Created 31/10/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante83.zip [710] O61 - LFC:Last File Created 31/10/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante84.zip [709] O61 - LFC:Last File Created 31/10/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante85.zip [709] O61 - LFC:Last File Created 31/10/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante86.zip [715] O61 - LFC:Last File Created 31/10/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante87.zip [709] O61 - LFC:Last File Created 31/10/2011 - 15:22:40 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante88.zip [711] O61 - LFC:Last File Created 31/10/2011 - 15:22:40 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante89.zip [710] O61 - LFC:Last File Created 31/10/2011 - 15:22:40 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante90.zip [708] O61 - LFC:Last File Created 31/10/2011 - 15:22:41 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante91.zip [720] O61 - LFC:Last File Created 31/10/2011 - 15:22:41 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante92.zip [720] O61 - LFC:Last File Created 31/10/2011 - 15:22:41 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante93.zip [741] O61 - LFC:Last File Created 31/10/2011 - 15:22:41 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante94.zip [741] O61 - LFC:Last File Created 31/10/2011 - 15:22:42 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante95.zip [738] O61 - LFC:Last File Created 31/10/2011 - 15:22:42 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante96.zip [734] O61 - LFC:Last File Created 31/10/2011 - 15:22:51 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante97.zip [770] O61 - LFC:Last File Created 31/10/2011 - 15:22:53 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante98.zip [710] O61 - LFC:Last File Created 31/10/2011 - 15:23:49 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegGS1-Global.reg [850] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Bots.sbe [18] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Cookies.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\FileExt.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Links.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Single.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\SystemInternals.sbe [126] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\WaitFor.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:40 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\news.conf [250] O61 - LFC:Last File Created 31/10/2011 - 15:29:56 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\build.conf [261] O61 - LFC:Last File Created 31/10/2011 - 15:29:56 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [7283005] O61 - LFC:Last File Created 31/10/2011 - 16:00:54 ----- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024] O61 - LFC:Last File Created 31/10/2011 - 16:01:31 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\ATI\ACE\Manifest.Bin [32089] O61 - LFC:Last File Created 31/10/2011 - 16:01:31 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\ATI\ACE\Manifest.xml [23698] O61 - LFC:Last File Created 31/10/2011 - 16:01:34 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\xxxx@hotmail.fr\oeconfig.xml [19588] O61 - LFC:Last File Created 31/10/2011 - 16:01:38 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail\account{40ABED59-A09A-4768-B71D-F0E514FC1989}.oeaccount [5164] O61 - LFC:Last File Created 31/10/2011 - 16:01:41 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Cegetel\Inbox\40B96025-00000AF7.eml [14381] O61 - LFC:Last File Created 31/10/2011 - 16:02:01 -SHA- C:\Documents And Settings\Mamounette\IETldCache\index.dat [262144] O61 - LFC:Last File Created 31/10/2011 - 16:02:08 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\WLCalendarStore.edb [2113536] O61 - LFC:Last File Created 31/10/2011 - 16:02:08 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\edb.chk [8192] O61 - LFC:Last File Created 31/10/2011 - 16:02:08 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\RssFeeds.xml [264] O61 - LFC:Last File Created 31/10/2011 - 16:02:08 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Sentinel\WLMailSearchSentinel.eml [37] O61 - LFC:Last File Created 31/10/2011 - 16:02:09 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\contacts.edb [4210688] O61 - LFC:Last File Created 31/10/2011 - 16:02:09 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\edb.chk [8192] O61 - LFC:Last File Created 31/10/2011 - 16:02:09 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Mail.MSMessageStore [2113536] O61 - LFC:Last File Created 31/10/2011 - 16:02:09 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\edb.chk [8192] O61 - LFC:Last File Created 31/10/2011 - 16:02:09 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\sqmnoopt00.sqm [844] O61 - LFC:Last File Created 31/10/2011 - 16:02:09 -SHA- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1547161642-1897051121-725345543-1007\Credentials [11730] O61 - LFC:Last File Created 31/10/2011 - 16:02:10 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Messenger\ContactsLog.txt [3031449] O61 - LFC:Last File Created 31/10/2011 - 16:02:10 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\contacts.edb [4210688] O61 - LFC:Last File Created 31/10/2011 - 16:02:10 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\edb.chk [8192] O61 - LFC:Last File Created 31/10/2011 - 16:02:32 ---A- C:\Documents And Settings\Mamounette\Application Data\wklnhst.dat [34906] O61 - LFC:Last File Created 31/10/2011 - 16:02:33 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\Conseil Syndical.lnk [558] O61 - LFC:Last File Created 31/10/2011 - 16:02:33 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\OJ CS du 07.11.2011.doc.lnk [680] O61 - LFC:Last File Created 31/10/2011 - 16:02:50 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Modèles\Normal.dot [188416] O61 - LFC:Last File Created 31/10/2011 - 16:02:50 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\Modèles.lnk [775] O61 - LFC:Last File Created 31/10/2011 - 16:02:50 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\Normal.dot.lnk [878] O61 - LFC:Last File Created 31/10/2011 - 16:02:50 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Word10.pip [1680] O61 - LFC:Last File Created 31/10/2011 - 16:02:50 --H-- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\index.dat [986] O61 - LFC:Last File Created 31/10/2011 - 16:13:35 -S-A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\CryptnetUrlCache\Content\B171751C11ECDD4C0C4BC4BBF7B99FBF [53679] O61 - LFC:Last File Created 31/10/2011 - 16:13:35 -S-A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\CryptnetUrlCache\MetaData\B171751C11ECDD4C0C4BC4BBF7B99FBF [128] O61 - LFC:Last File Created 31/10/2011 - 16:16:58 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-28.json [38938] O61 - LFC:Last File Created 31/10/2011 - 16:17:21 ---A- C:\Documents And Settings\Papounet\Application Data\Nokia\LaunchApplication\Settings.xml [1437] O61 - LFC:Last File Created 31/10/2011 - 16:17:26 ---A- C:\Documents And Settings\Papounet\Local Settings\Temp\NGLALog.txt [13905] O61 - LFC:Last File Created 31/10/2011 - 16:18:23 ---A- C:\Documents And Settings\Papounet\Application Data\Nokia\PC Suite\statistics.dat [932] O61 - LFC:Last File Created 31/10/2011 - 16:19:06 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\startupCache\startupCache.4.little [647371] O61 - LFC:Last File Created 31/10/2011 - 16:21:03 ---A- C:\Documents And Settings\Papounet\Application Data\Sun\Java\Deployment\deployment.properties [1216] O61 - LFC:Last File Created 31/10/2011 - 16:21:06 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\21\1e920ad5-32d8f3af [3620] O61 - LFC:Last File Created 31/10/2011 - 16:21:06 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\21\1e920ad5-32d8f3af.idx [473] O61 - LFC:Last File Created 31/10/2011 - 16:21:06 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\47\54dbee2f-510db49f [2136] O61 - LFC:Last File Created 31/10/2011 - 16:21:06 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\47\54dbee2f-510db49f.idx [474] O61 - LFC:Last File Created 31/10/2011 - 16:21:06 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\53\72b89175-22e225e4 [1033] O61 - LFC:Last File Created 31/10/2011 - 16:21:06 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\53\72b89175-22e225e4.idx [474] O61 - LFC:Last File Created 31/10/2011 - 16:21:16 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\11\68c0d8b-382c921f [2638] O61 - LFC:Last File Created 31/10/2011 - 16:21:16 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\11\68c0d8b-382c921f.idx [472] O61 - LFC:Last File Created 31/10/2011 - 16:21:16 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\lastAccessed [1] O61 - LFC:Last File Created 31/10/2011 - 16:21:31 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\addons.sqlite [262144] O61 - LFC:Last File Created 31/10/2011 - 16:21:52 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\staged\Noia4Options@ArisT2.json [2965] O61 - LFC:Last File Created 31/10/2011 - 16:21:52 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\staged\{faf13420-5e24-11e0-80e3-0800200c9a66}.json [2700] O61 - LFC:Last File Created 31/10/2011 - 16:23:32 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\blocklist.xml [11678] O61 - LFC:Last File Created 31/10/2011 - 17:10:14 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\33e536e8-9b25-45ef-a722-e4f4579ad07d.dmp [18037] O61 - LFC:Last File Created 31/10/2011 - 17:10:15 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\33e536e8-9b25-45ef-a722-e4f4579ad07d.extra [2180] O61 - LFC:Last File Created 31/10/2011 - 17:12:00 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Adobe\Acrobat\10.0\AdobeCMapFnt10.lst [512] O61 - LFC:Last File Created 31/10/2011 - 17:12:00 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Adobe\Acrobat\10.0\Cache\AcroFnt10.lst [8231] O61 - LFC:Last File Created 31/10/2011 - 17:12:25 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\signons.sqlite [44032] O61 - LFC:Last File Created 31/10/2011 - 17:18:31 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.fra [9373696] O61 - LFC:Last File Created 31/10/2011 - 17:18:44 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\UserCache.bin [61739] O61 - LFC:Last File Created 31/10/2011 - 17:19:01 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\Noia4Options@ArisT2.xpi [129384] O61 - LFC:Last File Created 31/10/2011 - 17:19:01 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [1366868] O61 - LFC:Last File Created 31/10/2011 - 17:19:07 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-31-Oct-2011-16-19-07-GMT\ff-config.zip [60329] O61 - LFC:Last File Created 31/10/2011 - 17:19:08 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\toolbar@ask.com\datastore\cache.sqlite [4096] O61 - LFC:Last File Created 31/10/2011 - 17:19:08 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\toolbar@ask.com\searchplugins\askcom.xml [2406] O61 - LFC:Last File Created 31/10/2011 - 17:19:08 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\searchplugins\askcom.xml [2406] O61 - LFC:Last File Created 31/10/2011 - 17:20:54 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\2553857a.avl [1698] O61 - LFC:Last File Created 31/10/2011 - 17:25:05 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\elemhide.css [970270] O61 - LFC:Last File Created 31/10/2011 - 17:25:07 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\addons.sqlite [262144] O61 - LFC:Last File Created 31/10/2011 - 17:27:05 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\blocklist.xml [11678] O61 - LFC:Last File Created 31/10/2011 - 17:28:36 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-28.json [92916] O61 - LFC:Last File Created 31/10/2011 - 17:28:40 ---A- C:\Documents And Settings\Papounet\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [487] O61 - LFC:Last File Created 31/10/2011 - 17:28:41 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Crash Reports\pending\2b3b8d7a-8f09-4014-82a9-f30a534ef349.dmp [18037] O61 - LFC:Last File Created 31/10/2011 - 17:28:41 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Crash Reports\pending\2b3b8d7a-8f09-4014-82a9-f30a534ef349.extra [2271] O61 - LFC:Last File Created 31/10/2011 - 17:28:41 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\cache.js [702335] O61 - LFC:Last File Created 31/10/2011 - 17:28:41 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\urlclassifier3.sqlite [49922048] O61 - LFC:Last File Created 31/10/2011 - 17:28:42 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cert8.db [212992] O61 - LFC:Last File Created 31/10/2011 - 17:28:42 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cookies.sqlite [524288] O61 - LFC:Last File Created 31/10/2011 - 17:28:42 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\key3.db [16384] O61 - LFC:Last File Created 31/10/2011 - 17:28:42 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\localstore.rdf [44062] O61 - LFC:Last File Created 31/10/2011 - 17:28:42 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js [73178] O61 - LFC:Last File Created 31/10/2011 - 17:28:43 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\permissions.sqlite [3015680] O61 - LFC:Last File Created 31/10/2011 - 17:29:02 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\AdobeCMapFnt10.lst [512] O61 - LFC:Last File Created 31/10/2011 - 17:29:02 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\Cache\AcroFnt10.lst [8231] O61 - LFC:Last File Created 31/10/2011 - 17:29:09 ---A- C:\Documents And Settings\Taranis\Application Data\Adobe\Acrobat\10.0\ReaderMessages [20480] O61 - LFC:Last File Created 31/10/2011 - 17:29:27 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\Cache\RdLang_Updater.FRA [14336] O61 - LFC:Last File Created 31/10/2011 - 17:35:03 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\95672573.avl [1606] O61 - LFC:Last File Created 31/10/2011 - 17:35:25 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\009765ea.avl [2352] O61 - LFC:Last File Created 31/10/2011 - 17:37:14 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Cegetel\Inbox\4F8B48DE-00000AD8.eml [1856231] O61 - LFC:Last File Created 31/10/2011 - 17:37:23 ---A- C:\Documents And Settings\Mamounette\Bureau\3265_001.pdf [1332007] O61 - LFC:Last File Created 31/10/2011 - 17:38:19 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\addons.sqlite [262144] O61 - LFC:Last File Created 31/10/2011 - 17:40:17 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\blocklist.xml [11678] O61 - LFC:Last File Created 31/10/2011 - 17:41:13 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\permissions.sqlite [3018752] O61 - LFC:Last File Created 31/10/2011 - 17:45:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-31.json [105648] O61 - LFC:Last File Created 31/10/2011 - 17:45:27 ---A- C:\Documents And Settings\Taranis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [470] O61 - LFC:Last File Created 31/10/2011 - 17:45:28 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\toolbar@ask.com\logs\asktb-log-1320077946281.html [5551] O61 - LFC:Last File Created 31/10/2011 - 17:49:41 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\toolbar@ask.com\logs\asktb-log-1320079773540.html [4171] O61 - LFC:Last File Created 31/10/2011 - 17:49:41 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\urlclassifier3.sqlite [40828928] O61 - LFC:Last File Created 31/10/2011 - 17:49:42 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cert8.db [196608] O61 - LFC:Last File Created 31/10/2011 - 17:49:42 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cookies.sqlite [524288] O61 - LFC:Last File Created 31/10/2011 - 17:49:42 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\key3.db [16384] O61 - LFC:Last File Created 31/10/2011 - 17:49:54 -SHA- C:\Documents And Settings\Taranis\UserData\index.dat [16384] O61 - LFC:Last File Created 31/10/2011 - 17:50:07 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\1nmzkxk0.default\places.sqlite [196608] O61 - LFC:Last File Created 31/10/2011 - 17:50:08 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\places.sqlite [10485760] O61 - LFC:Last File Created 31/10/2011 - 17:50:08 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\boo0aq2r.default\places.sqlite [135168] O61 - LFC:Last File Created 31/10/2011 - 17:50:08 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\l4vv2172.default\places.sqlite [163840] O61 - LFC:Last File Created 31/10/2011 - 17:50:40 ---A- C:\Documents And Settings\Mamounette\Mes documents\cc_20111031_175036.reg [206] O61 - LFC:Last File Created 31/10/2011 - 17:52:11 -SHA- C:\Documents And Settings\Papounet\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1547161642-1897051121-725345543-1005\Credentials [16242] O61 - LFC:Last File Created 31/10/2011 - 17:52:22 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegUS1-Papounet.reg [163] O61 - LFC:Last File Created 31/10/2011 - 17:52:42 -SHA- C:\Documents And Settings\Papounet\Application Data\Microsoft\Internet Explorer\UserData\index.dat [16384] O61 - LFC:Last File Created 31/10/2011 - 17:52:45 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\places.sqlite [10485760] O61 - LFC:Last File Created 31/10/2011 - 17:52:45 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\l4vv2172.default\places.sqlite [163840] O61 - LFC:Last File Created 31/10/2011 - 17:53:07 ---A- C:\Documents And Settings\Papounet\Mes documents\cc_20111031_175303.reg [4386] O61 - LFC:Last File Created 31/10/2011 - 17:53:29 -SHA- C:\Documents And Settings\Papounet\Application Data\Microsoft\Internet Explorer\Desktop.htt [2702] O61 - LFC:Last File Created 31/10/2011 - 17:53:41 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024] O61 - LFC:Last File Created 31/10/2011 - 17:53:43 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\ATI\ACE\Manifest.Bin [32089] O61 - LFC:Last File Created 31/10/2011 - 17:53:43 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\ATI\ACE\Manifest.xml [23698] O61 - LFC:Last File Created 31/10/2011 - 17:53:53 -SHA- C:\Documents And Settings\Papounet\IETldCache\index.dat [262144] O61 - LFC:Last File Created 31/10/2011 - 17:53:57 ----- C:\Documents And Settings\Papounet\Local Settings\Historique\History.IE5\index.dat [131072] O61 - LFC:Last File Created 31/10/2011 - 17:53:57 -SHA- C:\Documents And Settings\Papounet\Cookies\index.dat [32768] O61 - LFC:Last File Created 31/10/2011 - 17:54:14 --HA- C:\Documents And Settings\Papounet\NTUSER.DAT [9699328] O61 - LFC:Last File Created 31/10/2011 - 17:54:45 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cookies.sqlite [524288] O61 - LFC:Last File Created 31/10/2011 - 17:54:51 ----- C:\Documents And Settings\Mamounette\Local Settings\Historique\History.IE5\index.dat [114688] O61 - LFC:Last File Created 31/10/2011 - 17:54:51 -SHA- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Internet Explorer\UserData\index.dat [16384] O61 - LFC:Last File Created 31/10/2011 - 17:54:51 -SHA- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat [16384] O61 - LFC:Last File Created 31/10/2011 - 17:54:52 -SHA- C:\Documents And Settings\Mamounette\Cookies\index.dat [32768] O61 - LFC:Last File Created 31/10/2011 - 17:55:27 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\places.sqlite [10485760] O61 - LFC:Last File Created 31/10/2011 - 17:55:27 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\bmhczl5g.default\places.sqlite [135168] O61 - LFC:Last File Created 31/10/2011 - 17:55:27 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\ua3hnerj.default\places.sqlite [159744] O61 - LFC:Last File Created 31/10/2011 - 17:55:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\v72nv04f.default\places.sqlite [163840] O61 - LFC:Last File Created 31/10/2011 - 17:55:45 ---A- C:\Documents And Settings\Mamounette\Mes documents\cc_20111031_175542.reg [206] O61 - LFC:Last File Created 31/10/2011 - 17:56:29 --HA- C:\Documents And Settings\Mamounette\NTUSER.DAT [8388608] O61 - LFC:Last File Created 31/10/2011 - 17:56:46 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\IswTmp\Logs\FFApi.swl.old [1020] O61 - LFC:Last File Created 31/10/2011 - 17:56:47 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegGNTCVWL-Global.reg [311] O61 - LFC:Last File Created 31/10/2011 - 17:58:25 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions.sqlite [458752] O61 - LFC:Last File Created 31/10/2011 - 17:58:25 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions.sqlite-journal [295496] O61 - LFC:Last File Created 31/10/2011 - 17:58:25 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\parent.lock [0] O61 - LFC:Last File Created 31/10/2011 - 17:58:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cookies.sqlite-shm [32768] O61 - LFC:Last File Created 31/10/2011 - 17:58:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cookies.sqlite-wal [0] O61 - LFC:Last File Created 31/10/2011 - 17:58:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\toolbar@ask.com\logs\asktb-log-1320080306708.html [4668] O61 - LFC:Last File Created 31/10/2011 - 17:58:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\places.sqlite-shm [32768] O61 - LFC:Last File Created 31/10/2011 - 17:58:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\places.sqlite-wal [0] O61 - LFC:Last File Created 31/10/2011 - 17:58:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js [76814] O61 - LFC:Last File Created 31/10/2011 - 17:58:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\search.json [17857] O61 - LFC:Last File Created 31/10/2011 - 17:58:36 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\downloads.sqlite [65536] O61 - LFC:Last File Created 31/10/2011 - 17:59:49 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\localstore.rdf [43927] O61 - LFC:Last File Created 31/10/2011 - 18:01:13 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\startupCache\startupCache.4.little [954925] O61 - LFC:Last File Created 31/10/2011 - 18:01:50 --HA- C:\Documents And Settings\Taranis\Local Settings\Temp\etilqs_XTMgUAN4uDxD6Fx [229404] O61 - LFC:Last File Created 31/10/2011 - 18:02:34 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\urlclassifierkey3.txt [154] O61 - LFC:Last File Created 31/10/2011 - 18:04:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\cache.js [706253] O61 - LFC:Last File Created 31/10/2011 - 18:05:51 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD [781] O61 - LFC:Last File Created 31/10/2011 - 18:05:51 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6 [561] O61 - LFC:Last File Created 31/10/2011 - 18:05:51 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD [156] O61 - LFC:Last File Created 31/10/2011 - 18:05:51 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\B8CC409ACDBF2A2FE04C56F2875B1FD6 [134] O61 - LFC:Last File Created 31/10/2011 - 18:05:59 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\1B749B72855CB97BF2F58675617C9BF9 [576] O61 - LFC:Last File Created 31/10/2011 - 18:05:59 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [552] O61 - LFC:Last File Created 31/10/2011 - 18:05:59 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\1B749B72855CB97BF2F58675617C9BF9 [162] O61 - LFC:Last File Created 31/10/2011 - 18:05:59 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [132] O61 - LFC:Last File Created 31/10/2011 - 18:06:16 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 [96089] O61 - LFC:Last File Created 31/10/2011 - 18:06:16 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 [124] O61 - LFC:Last File Created 31/10/2011 - 18:06:19 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\3C83474D61E624A4F9844DF935AFE217 [569] O61 - LFC:Last File Created 31/10/2011 - 18:06:19 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\3C83474D61E624A4F9844DF935AFE217 [142] O61 - LFC:Last File Created 31/10/2011 - 18:06:57 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735 [558] O61 - LFC:Last File Created 31/10/2011 - 18:06:57 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735 [144] O61 - LFC:Last File Created 31/10/2011 - 18:10:02 --HA- C:\Documents And Settings\Mamounette\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 31/10/2011 - 18:10:02 --HA- C:\Documents And Settings\Papounet\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 31/10/2011 - 18:10:10 -SHA- C:\Documents And Settings\Taranis\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1547161642-1897051121-725345543-1003\Credentials [11602] O61 - LFC:Last File Created 31/10/2011 - 18:10:29 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [16384] O61 - LFC:Last File Created 31/10/2011 - 18:10:29 -SHA- C:\Documents And Settings\NetworkService\Cookies\index.dat [16384] O61 - LFC:Last File Created 31/10/2011 - 18:10:31 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\EVENTDB\avevtdb.dbe [36864] O61 - LFC:Last File Created 31/10/2011 - 18:10:36 -SHA- C:\Documents And Settings\Taranis\Application Data\Microsoft\Internet Explorer\Desktop.htt [2700] O61 - LFC:Last File Created 31/10/2011 - 18:11:22 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\IswTmp\Logs\FFApi.swl [988] O61 - LFC:Last File Created 31/10/2011 - 18:11:24 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\Windows Firewall-Global.reg [666] O61 - LFC:Last File Created 31/10/2011 - 18:11:33 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\ATI\ACE\Manifest.Bin [32089] O61 - LFC:Last File Created 31/10/2011 - 18:11:33 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\ATI\ACE\Manifest.xml [23698] O61 - LFC:Last File Created 31/10/2011 - 18:11:47 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\INMEM000.REM [0] O61 - LFC:Last File Created 31/10/2011 - 18:11:49 -SHA- C:\Documents And Settings\Taranis\IETldCache\index.dat [262144] O61 - LFC:Last File Created 31/10/2011 - 18:12:12 --HA- C:\Documents And Settings\Taranis\Local Settings\Historique\History.IE5\index.dat [180224] O61 - LFC:Last File Created 31/10/2011 - 18:12:12 -SHA- C:\Documents And Settings\Taranis\Cookies\index.dat [32768] O61 - LFC:Last File Created 31/10/2011 - 18:12:13 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\ProcCache.sbc [3578] O61 - LFC:Last File Created 31/10/2011 - 18:21:54 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\Backup\new\WLCalendarStore.edb [2121728] O61 - LFC:Last File Created 31/10/2011 - 18:21:55 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\Backup\new\WLCalendarStore.pat [16384] O61 - LFC:Last File Created 31/10/2011 - 18:21:55 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\WLCalendarStore.pat [16384] O61 - LFC:Last File Created 31/10/2011 - 18:21:58 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\Backup\new\contacts.edb [4218880] O61 - LFC:Last File Created 31/10/2011 - 18:21:58 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\contacts.pat [16384] O61 - LFC:Last File Created 31/10/2011 - 18:21:59 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\Backup\new\contacts.pat [16384] O61 - LFC:Last File Created 31/10/2011 - 18:22:07 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\Backup\new\contacts.edb [4218880] O61 - LFC:Last File Created 31/10/2011 - 18:22:07 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\Backup\new\contacts.pat [16384] O61 - LFC:Last File Created 31/10/2011 - 18:22:07 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\contacts.pat [16384] O61 - LFC:Last File Created 31/10/2011 - 18:25:31 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\71a1b29d-1af0-4b0e-882b-dde7daccd445.dmp [18037] O61 - LFC:Last File Created 31/10/2011 - 18:25:32 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\71a1b29d-1af0-4b0e-882b-dde7daccd445.extra [2180] O61 - LFC:Last File Created 31/10/2011 - 18:34:49 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\JOBS\updjob.avj [1674] O61 - LFC:Last File Created 31/10/2011 - 18:34:50 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IDX\master.idx [56] O61 - LFC:Last File Created 31/10/2011 - 18:34:50 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\96acddd5.avl [1528] O61 - LFC:Last File Created 31/10/2011 - 19:17:11 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Feeds\FeedsStore.feedsdb-ms [4096] O61 - LFC:Last File Created 31/10/2011 - 19:17:11 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Galerie de composants Web Slice~.feed-ms [32768] O61 - LFC:Last File Created 31/10/2011 - 21:12:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\56eb7faa-c53d-40d7-93c0-b21977832e03.dmp [18037] O61 - LFC:Last File Created 31/10/2011 - 21:12:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\56eb7faa-c53d-40d7-93c0-b21977832e03.extra [2180] ~ Scan Files in 02mn 33s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 11/10/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira Scheduler(AntiVirSchedulerService) .(.Avira Operations GmbH & Co. KG - Avira Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - 11/10/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira Realtime Protection(AntiVirService) .(.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - 11/10/2011 - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe - Avira Web Protection(AntiVirWebService) .(.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) - LEGACY_ANTIVIRWEBSERVICE O64 - Services: CurCS - 11/10/2011 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 11/10/2011 - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 11/10/2011 - C:\WINDOWS\system32\DRIVERS\avkmgr.sys - avkmgr(avkmgr) .(.Avira GmbH - Avira Manager Driver.) - LEGACY_AVKMGR O64 - Services: CurCS - 22/06/2009 - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe - Browser Configuration Utility Service(BCUService) .(.DeviceVM, Inc. - Browser Configuration Utility Auto-recovery.) - LEGACY_BCUSERVICE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 28/08/2001 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 26/06/2011 - C:\WINDOWS\gdrv.sys - gdrv(gdrv) .(.Windows ® 2000 DDK provider - GIGABYTE Tools.) - LEGACY_GDRV O64 - Services: CurCS - 21/10/2011 - C:\Program Files\Java\jre7\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Oracle Corporation - Java™ Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 12/11/2009 - C:\Program Files\CDBurnerXP\NMSAccessU.exe - NMSAccessU (NMSAccessU) .(...) - LEGACY_NMSACCESSU O64 - Services: CurCS - 08/06/2011 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - 04/07/2010 - C:\Program Files\Unlocker\UnlockerDriver5.sys - UnlockerDriver5 (UnlockerDriver5) .(...) - LEGACY_UNLOCKERDRIVER5 O64 - Services: CurCS - 13/05/2010 - C:\WINDOWS\system32\vsdatant.sys - vsdatant(vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT O64 - Services: CurCS - 18/02/2011 - C:\WINDOWS\system32\ZoneLabs\vsmon.exe - TrueVector Internet Monitor(vsmon) .(.Check Point Software Technologies LTD - TrueVector Service.) - LEGACY_VSMON ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\searchplugins\askcom.xml O69 - SBI: prefs.js [Taranis - 8yv5jtro.default] user_pref("CT2613520.ct2613520.SearchEngine", "Recherche||http://search.conduit.com/Results.aspx? O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {5B43EE53-99A7-4490-8FCB-E92E1C125DC5} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - Google O69 - SBI: SearchScopes [HKCU] {8418C7A6-D993-4FDE-8228-761D798287D5} - (Ask Search) - http://websearch.ask.com O69 - SBI: SearchScopes [HKCU] {957C8D5B-3C63-458F-9E40-7B328E43FAFE} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {B92E9C19-2391-4420-A2B3-0ED981AAF20B} - (Yahoo! Search) - Yahoo! Search - Recherche Web ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.6D4AAA65E4003DEC5EBEEF86AF1AE77C] [sPRF][25/07/2005] (.Gadwin Systems, Inc. - PrintScreen captures the contents of the screen with a single keystroke..) -- C:\Program Files\PrintScreen.exe [946176] [MD5.0678EF2737319BEDE70811765B941436] [sPRF][05/02/2010] (.ZebTeam - Pas de description.) -- C:\Program Files\ZebProtect.exe [348160] ~ Scan Files in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8786 - (20/09/2011) Clés trouvées (Keys found) : 25 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 6 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.AskSBar [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.AskSBar [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.AskSBar [HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar [HKLM\Software\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}] =>Toolbar.Agent [HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.AskSBar [HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.AskSBar [HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.AskSBar [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar [HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}] =>Spyware.Soft2PC [HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar [HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar [HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar [HKCU\Software\APN] =>Toolbar.Agent [HKLM\Software\APN] =>Toolbar.Agent [HKCU\Software\Ask.com] =>Toolbar.AskBar [HKCU\Software\Ask.com] =>Toolbar.AskBarDis [HKCU\Software\AskToolbar] =>Toolbar.AskTBar [HKLM\Software\AskToolbar] =>Toolbar.AskTBar [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Software\AskToolbar] =>Toolbar.AskTBar [HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShoppingReport2 [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar C:\Program Files\Ask.com =>Toolbar.AskBar C:\Documents and Settings\Taranis\Application Data\pdfforge =>PUP.Dealio C:\Documents and Settings\Taranis\Local Settings\Application Data\AskToolbar =>Toolbar.AskTBar C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Conduit =>Toolbar.Conduit C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Extensions\toolbar@ask.com =>Toolbar.AskTBar ~ Scan Additionnel in 00mn 05s ---\\ Recherche détournement de DNS routeur (O89) Serveur : neufbox Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.148.147, 209.85.148.105, 209.85.148.106, 209.85.148.104 209.85.148.99, 209.85.148.103 Aliases: www.google.fr, www.google.com ~ Scan DNS in 00mn 02s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 31/10/2011 86224 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 31/10/2011 110032 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 31/10/2011 463824 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe SR - | Auto 31/10/2011 643072 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SR - | Auto 31/10/2011 212232 | (BCUService) . (.DeviceVM, Inc..) - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe SS - | Demand 31/10/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Demand 31/10/2011 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 31/10/2011 161664 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe SS - | Demand 31/10/2011 295192 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe SR - | Auto 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe SR - | Auto 31/10/2011 53248 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\WINDOWS\system32\IoctlSvc.exe SS - | Demand 31/10/2011 65795 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe SS - | Demand 31/10/2011 633856 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 31/10/2011 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe ~ Scan Services in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Taranis at 31/10/2011 18:19:51 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A5C3AB8] 3 CLASSPNP[0xBA108FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000068[0x8A5A5E98] 5 ACPI[0xB9F7E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8A646D98] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 05s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Taranis at 31/10/2011 18:19:53 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 07s End of the scan (1482 lines in 07mn 21s)(0) Scan du 01/11/2011 : Rapport de ZHPDiag v1.28.1350 par Nicolas Coolman, Update du 20/09/2011 Run by Taranis at 01/11/2011 13:01:26 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut) ---\\ Windows Product Information Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ System Information ~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1790 MB (70% free) System Restore: Activé (Enable) System drive C: has 77 GB (77%) free of 100 GB ---\\ Logged in mode ~ Computer Name: MAISON-8F808655 ~ User Name: Taranis ~ All Users Names: Taranis, SUPPORT_388945a0, Papounet, Mamounette, HelpAssistant, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Documents and Settings\Taranis\Application Data\ ~ %Desktop% : C:\Documents and Settings\Taranis\Bureau\ ~ %Favorites% : C:\Documents and Settings\Taranis\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\Taranis\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\Taranis\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 77 Go of 100 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 66 Go of 200 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 100 Go of 100 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 65 Go of 66 Go) G:\ CD-ROM drive (Not Inserted) H:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.01/11/2011 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.01/11/2011 - 18:34:22.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.01/11/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.01/11/2011 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.01/11/2011 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.01/11/2011 - 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2 ~ Mes musiques (My Musics) : 1/2 ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 2/18 ~ Mes Documents (My Documents) : 5/92 ~ Mon Bureau (My Desktop) : 0/4 ~ Menu demarrer (Programs) : 4/108 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.288E9F9CB529B4F7C6B58FC53940FB46] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [643072] [PID.] [MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.] [MD5.72709089A54BDC1C5B16BC4A4B926567] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224] [PID.] [MD5.42F88BFBB76F7A63E381829479B18518] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032] [PID.] [MD5.936209B6F93D0E11659CB2D229FE6583] - (.DeviceVM, Inc. - Browser Configuration Utility Auto-recovery.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [212232] [PID.] [MD5.92E16F5D034E7864DA308BA6309A98B7] - (.Oracle Corporation - Java™ Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [161664] [PID.] [MD5.9B03B2D34D46F88638D51066531D08DC] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [53248] [PID.] [MD5.3DAC59C2917EC09DE0892DDDCE626DF7] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [80336] [PID.] [MD5.3F3C2BD7BDDD489AAE5410D7E84DB904] - (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [463824] [PID.] [MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.] [MD5.478515FA22E17C4CA7177B3305630FA4] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [258512] [PID.2880] [MD5.5300552AC15F1A877C4B6BB6512AD1FD] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288] [PID.3108] [MD5.B27935893393B1FD117D95A659310676] - (.Grégory HARGOUS - www.GregLand.Net - Pas de description.) -- C:\Program Files\StartClock\StartClock.exe [1024000] [PID.3280] [MD5.61F5A23510D46FE7C02931604AFC8407] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE [149784] [PID.3560] [MD5.B26A2F3CD6459548DB6891D138080876] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZebHelpProcess\ZHPDiag.exe [2121216] [PID.3200] [MD5.B89CB10DAA6B058F6EEAF4A2F489CFBF] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [2924032] [PID.4048] ~ Scan Processes Running in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\user.js M3 - MFPP: Plugins - [Taranis] -- C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\searchplugins\netvibes-ecosystem-search.xml M3 - MFPP: Plugins - [Taranis] -- C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\searchplugins\veosearch.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M3 - MFPP: Plugins - [Taranis] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml M0 - MFSP: prefs.js [Taranis - 8yv5jtro.default] Google M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\DeviceDetection@logitech.com] [] Ð'иÑÐ²Ð»ÐµÐ½Ð½Ñ Ð¿Ñ€Ð¸Ñтроїв Logitech v1.23.0.5 (.Logitech, Inc..) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\keyscrambler@qfx.software.corporation] [] KeyScrambler v2.8.1.0 (.QFX Software Corporation.) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20110704 (.WOT Services Oy.) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\{d37dc5d0-431d-44e5-8c91-49419370caa1}] [] FoxClocks v2.9.35 (.Andy McDonald.) M2 - MFEP: prefs.js [Taranis - 8yv5jtro.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [bitdefender] BitDefender QuickScan v0.9.9.99 (.Echipa R&D BitDefender.) P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java™ Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.DivX,Inc. - DivX Web Player version 1.4.2.7.) -- C:\Program Files\Mozilla Firefox\Plugins\npdivx32.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0042.0.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin8.dll P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16263.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.1.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.10] - (.the VideoLAN Team - Version 1.1.10, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.2] - (.the VideoLAN Team - Version 1.1.10, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R0 - HKUS\S-1-5-21-1547161642-1897051121-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Google R1 - HKUS\S-1-5-21-1547161642-1897051121-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = Google R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} . (.DeviceVM, Inc. - Browser Configuration Utility Address Bar S.) (1, 1, 7, 0) -- C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 01s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} . (.QFX Software Corporation - KeyScrambler Program DLL.) -- C:\Program Files\KeyScrambler\KeyScramblerIE.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O3 - Toolbar: Avira SearchFree Toolbar plus WebGuard - {D4027C7F-154A-4066-A1AD-4243D8127440} . (...) -- C:\Program Files\Ask.com\GenericAskToolbar.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline ~ Scan Application in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ~ Scan Winsock in 00mn 00s ---\\ Onglet supplémentaire dans les options avancées d'Internet Explorer (O11) O11 - Options group: [java_sun] Java (Sun). (.Oracle Corporation - Java™ Deployment Library .) - C:\Program Files\Java\jre7\bin\deploy.dll ~ Scan IE Plugins in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1265445165234 ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{033FE895-6845-43B0-BB4F-CBB9CF81FD09}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{033FE895-6845-43B0-BB4F-CBB9CF81FD09}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{033FE895-6845-43B0-BB4F-CBB9CF81FD09}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Browser Configuration Utility Service (BCUService) . (.DeviceVM, Inc. - Browser Configuration Utility Auto-recovery.) - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java™ Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1265220527.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1547161642-1897051121-725345543-1003.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1547161642-1897051121-725345543-1003.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [MD5.4D6019BE71C720E2D29F2CE758F7A53B] [APT] [FRU Task #Hewlett-Packard#hp psc 1100 series#1265220527] (...) -- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1547161642-1897051121-725345543-1003] (...) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1547161642-1897051121-725345543-1003] (...) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [scheduled Update for Ask Toolbar] (...) -- C:\Program Files\Ask.com\UpdateTask.exe (.not file.) ~ Scan Scheduled Task in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AmdPPM) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\WINDOWS\system32\DRIVERS\avkmgr.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\system32\drivers\ws2ifsl.sys O41 - Driver: (avgio) . (. - .) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys (.not file.) ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Canon SELPHY CP780 - (.Pas de propriétaire.) [HKLM] -- Canon SELPHY CP780 O42 - Logiciel: Canon Utilities SELPHY Photo Print - (.Canon Inc..) [HKLM] -- SELPHY Photo Print O42 - Logiciel: Canon Utilities SELPHY Print Contents 1.0.0 - (.Canon Inc..) [HKLM] -- SELPHY Print Contents 100 O42 - Logiciel: Grisbi 0.6.0 release - (.Pas de propriétaire.) [HKLM] -- Grisbi 0.6.0 release O42 - Logiciel: Hercules WebCam Station - (.Pas de propriétaire.) [HKLM] -- {D208F4A7-6B73-4C2A-8B1E-8756FCBA831E} O42 - Logiciel: Hercules Webcam - (.Pas de propriétaire.) [HKLM] -- {A250D351-A07F-4D5D-AB6C-693C69B9BFAF} O42 - Logiciel: HotFix Q0306270 - (.Pas de propriétaire.) [HKLM] -- {7D9B8EE1-7E8E-411C-8F36-2A26D2D20D5F} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: IZArc 4.1.6 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: KeyScrambler - (.QFX Software Corporation.) [HKLM] -- KeyScrambler O42 - Logiciel: Lame ACM MP3 Codec - (.Pas de propriétaire.) [HKLM] -- LameACM O42 - Logiciel: Logitech SetPoint 6.32 - (.Logitech.) [HKLM] -- SP6 O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr) O42 - Logiciel: Mozilla Thunderbird (7.0.1) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (7.0.1) O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Package de pilotes Windows - Nokia Modem (02/25/2011 4.7) - (.Nokia.) [HKLM] -- E0AC723A3DE3A04256288CADBBB011B112AED454 O42 - Logiciel: Package de pilotes Windows - Nokia Modem (02/25/2011 7.01.0.9) - (.Nokia.) [HKLM] -- 72A50F48CC5601190B9C4E74D81161693133E7F7 O42 - Logiciel: Package de pilotes Windows - Nokia Modem (03/05/2008 3.7) - (.Nokia.) [HKLM] -- CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A O42 - Logiciel: Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1) - (.Nokia.) [HKLM] -- E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 O42 - Logiciel: Photo et imagerie HP 2.0 - hp psc 1100 series - (.Pas de propriétaire.) [HKLM] -- HP PSC 1100 Series O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: Q-Dir - (.Pas de propriétaire.) [HKLM] -- Q-Dir O42 - Logiciel: RagTime Solo - (.Pas de propriétaire.) [HKLM] -- RagTime Solo O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: SpywareBlaster 4.4 - (.Javacool Software LLC.) [HKLM] -- SpywareBlaster_is1 O42 - Logiciel: StartClock 3.4 - (.Grégory HARGOUS.) [HKLM] -- StartClock_is1 O42 - Logiciel: Sélecteur d'installation de Microsoft Works 2004 - (.Pas de propriétaire.) [HKLM] -- Works2004Setup O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Winmail Reader 1.1.12 - (.Kopf.) [HKLM] -- Winmail Reader_is1 O42 - Logiciel: XnView 1.98.2 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1 O42 - Logiciel: ZebHelpProcess 2.51 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1 O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm O42 - Logiciel: xp-AntiSpy 3.97-3 - (.Christian Taubenheim.) [HKLM] -- xp-AntiSpy ---\\ HKCU & HKLM Software Keys [HKCU\Software\ABBYY] [HKCU\Software\APN] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\ISWVolatile] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Ask.com] [HKCU\Software\AskToolbar] [HKCU\Software\Astonsoft] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\Borland] [HKCU\Software\Canneverbe Limited] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conduit] [HKCU\Software\Corsair] [HKCU\Software\DVD Decrypter] [HKCU\Software\DeviceVM] [HKCU\Software\DivXNetworks] [HKCU\Software\FileHippo.com] [HKCU\Software\Freeware] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Gadwin Systems] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IDAVLab] [HKCU\Software\IM Providers] [HKCU\Software\IZSoftware] [HKCU\Software\Innovative Solutions] [HKCU\Software\Intel] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Jetico] [HKCU\Software\Lavalys] [HKCU\Software\Leadertech] [HKCU\Software\LibreOffice] [HKCU\Software\LinuxLive] [HKCU\Software\Logitech] [HKCU\Software\M4ng] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Monitored] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\ODBC] [HKCU\Software\Oak Technology] [HKCU\Software\PDFCreator] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\QFX Software] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\Ripp-it] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SoftwareOK.de] [HKCU\Software\Sysinternals] [HKCU\Software\TAdvCheckList] [HKCU\Software\Theorica] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSRevoGroup] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinmailReader] [HKCU\Software\XnView] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Zone Labs] [HKCU\Software\settings] [HKCU\Software\xp-AntiSpy] [HKLM\Software\ABBYY] [HKLM\Software\APN] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Alienware] [HKLM\Software\Amazon] [HKLM\Software\AppDataLow] [HKLM\Software\ArcSoft] [HKLM\Software\AskToolbar] [HKLM\Software\Avira] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\Canon] [HKLM\Software\Canon_Inc_IC] [HKLM\Software\CheckPoint] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\DeviceVM] [HKLM\Software\DivXNetworks] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IDAVLab] [HKLM\Software\Intel] [HKLM\Software\JavaRa] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LibreOffice] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\MDC] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\Nokia Mobile Phones] [HKLM\Software\Nokia] [HKLM\Software\ODBC] [HKLM\Software\OMSI] [HKLM\Software\Oak Technology] [HKLM\Software\OmniVision] [HKLM\Software\On2 Technologies] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PDFCreator] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\QFX Software] [HKLM\Software\RTLSetup] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Secunia] [HKLM\Software\SpywareBlaster] [HKLM\Software\Sun Microsystems] [HKLM\Software\TuneUp] [HKLM\Software\Uniblue] [HKLM\Software\VideoLAN] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\X-AVCSD] [HKLM\Software\XnView] [HKLM\Software\Zone Labs] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 04/05/2011 - 18:25:04 - [481384463] ----D- C:\Program Files\ABBYY FineReader 9.0 O43 - CFD: 09/07/2011 - 17:50:42 - [116964634] ----D- C:\Program Files\Adobe O43 - CFD: 19/08/2011 - 20:36:04 - [2662080] ----D- C:\Program Files\Amazon O43 - CFD: 03/02/2010 - 18:39:22 - [3142953] ----D- C:\Program Files\AMD O43 - CFD: 22/10/2011 - 19:35:40 - [1953820] ----D- C:\Program Files\AMD APP O43 - CFD: 20/02/2010 - 18:10:28 - [7647403] ----D- C:\Program Files\Astonsoft O43 - CFD: 17/09/2011 - 15:35:20 - [17667755] ----D- C:\Program Files\ATI O43 - CFD: 22/10/2011 - 19:35:04 - [50114199] ----D- C:\Program Files\ATI Technologies O43 - CFD: 17/10/2011 - 19:24:08 - [161489107] ----D- C:\Program Files\Avira O43 - CFD: 30/01/2011 - 10:24:04 - [0] ----D- C:\Program Files\AviSynth 2.5 O43 - CFD: 02/03/2011 - 18:46:38 - [71923594] ----D- C:\Program Files\Canon O43 - CFD: 26/06/2011 - 17:50:52 - [0] ----D- C:\Program Files\CheckPoint O43 - CFD: 03/02/2010 - 18:15:42 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 21/08/2010 - 15:25:06 - [1110654] ----D- C:\Program Files\Corsair O43 - CFD: 31/10/2011 - 18:44:56 - [500] ----D- C:\Program Files\CPUMon O43 - CFD: 17/09/2011 - 17:22:44 - [4326736] ----D- C:\Program Files\Defraggler O43 - CFD: 03/02/2010 - 18:25:50 - [686078] --H-D- C:\Program Files\DeviceVM O43 - CFD: 06/02/2010 - 11:00:40 - [1595928] ----D- C:\Program Files\DIFX O43 - CFD: 17/09/2011 - 17:33:28 - [376398693] ----D- C:\Program Files\Fichiers communs O43 - CFD: 16/09/2011 - 20:45:50 - [381086] ----D- C:\Program Files\FileHippo.com O43 - CFD: 05/03/2011 - 14:30:22 - [75703715] ----D- C:\Program Files\Google O43 - CFD: 11/02/2011 - 18:31:36 - [23634093] ----D- C:\Program Files\Grisbi 0.6.0 release O43 - CFD: 06/02/2010 - 10:40:00 - [593703879] ----D- C:\Program Files\Hercules O43 - CFD: 03/02/2010 - 19:08:44 - [383005145] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 23/10/2011 - 10:47:24 - [39042307] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 16/09/2011 - 19:35:58 - [6218856] ----D- C:\Program Files\Internet Explorer O43 - CFD: 17/09/2011 - 17:27:32 - [15879488] ----D- C:\Program Files\IZArc O43 - CFD: 17/09/2011 - 17:33:04 - [178543102] ----D- C:\Program Files\Java O43 - CFD: 06/02/2010 - 16:23:06 - [427944] ----D- C:\Program Files\JavaRa O43 - CFD: 10/06/2011 - 21:29:02 - [3636496] ----D- C:\Program Files\KeyScrambler O43 - CFD: 15/07/2011 - 13:19:04 - [458156175] ----D- C:\Program Files\LibreOffice 3 O43 - CFD: 21/10/2011 - 17:13:36 - [23342150] ----D- C:\Program Files\Logitech O43 - CFD: 15/09/2011 - 19:01:18 - [7028520] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 06/02/2010 - 10:17:46 - [2152579] ----D- C:\Program Files\Messenger O43 - CFD: 04/06/2010 - 22:05:04 - [226432] ----D- C:\Program Files\Microsoft O43 - CFD: 03/02/2010 - 18:18:22 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 04/02/2010 - 17:48:16 - [91455654] ----D- C:\Program Files\Microsoft Office O43 - CFD: 03/02/2010 - 19:37:42 - [185951459] ----D- C:\Program Files\Microsoft Works O43 - CFD: 03/02/2010 - 19:29:32 - [7824320] ----D- C:\Program Files\Microsoft Works Suite 2004 O43 - CFD: 01/05/2011 - 14:38:38 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 21/10/2011 - 17:36:08 - [42704115] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 21/10/2011 - 17:46:12 - [40726931] ----D- C:\Program Files\Mozilla Thunderbird O43 - CFD: 06/02/2010 - 09:45:00 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 13/03/2010 - 17:58:50 - [54796833] ----D- C:\Program Files\MSECache O43 - CFD: 03/02/2010 - 18:14:52 - [19278399] ----D- C:\Program Files\MSN O43 - CFD: 03/02/2010 - 18:15:22 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 06/02/2010 - 10:29:24 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 03/02/2010 - 18:16:54 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 10/07/2011 - 09:57:38 - [139122004] ----D- C:\Program Files\Nokia O43 - CFD: 27/02/2010 - 13:48:38 - [489912] ----D- C:\Program Files\NOS O43 - CFD: 03/02/2010 - 18:15:30 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 01/05/2011 - 14:37:36 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 10/07/2011 - 09:56:54 - [13586855] ----D- C:\Program Files\PC Connectivity Solution O43 - CFD: 17/09/2011 - 17:42:00 - [32867587] ----D- C:\Program Files\PDFCreator O43 - CFD: 21/03/2010 - 19:07:50 - [598933] ----D- C:\Program Files\Q-Dir O43 - CFD: 06/10/2011 - 20:31:20 - [673546] ----D- C:\Program Files\Q-Dir_Portable O43 - CFD: 23/03/2010 - 18:58:50 - [55040784] ----D- C:\Program Files\RagTime Solo O43 - CFD: 19/08/2011 - 14:50:16 - [0] ----D- C:\Program Files\Real O43 - CFD: 03/02/2010 - 18:41:38 - [70681010] ----D- C:\Program Files\Realtek O43 - CFD: 06/02/2010 - 09:44:56 - [36400897] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 02/06/2010 - 16:54:18 - [6266910] ----D- C:\Program Files\RegSeeker O43 - CFD: 07/02/2010 - 11:08:38 - [794507] ----D- C:\Program Files\SafeXP O43 - CFD: 03/02/2010 - 18:17:18 - [1025] ----D- C:\Program Files\Services en ligne O43 - CFD: 27/01/2011 - 18:43:04 - [3207581] ----D- C:\Program Files\SpamBayes O43 - CFD: 17/10/2011 - 20:10:34 - [5663474] ----D- C:\Program Files\SpywareBlaster O43 - CFD: 02/03/2010 - 20:32:14 - [0] ----D- C:\Program Files\Stardock O43 - CFD: 11/06/2010 - 21:17:00 - [1824866] ----D- C:\Program Files\StartClock O43 - CFD: 13/05/2011 - 21:04:46 - [0] ----D- C:\Program Files\ToniArts O43 - CFD: 12/10/2010 - 18:01:42 - [0] ----D- C:\Program Files\Trend Micro O43 - CFD: 03/02/2010 - 18:22:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 01/05/2011 - 15:31:28 - [232012] ----D- C:\Program Files\Unlocker O43 - CFD: 06/02/2010 - 17:06:02 - [84966644] ----D- C:\Program Files\VideoLAN O43 - CFD: 26/06/2011 - 09:54:14 - [6813675] ----D- C:\Program Files\VS Revo Group O43 - CFD: 04/06/2010 - 22:05:24 - [81920207] ----D- C:\Program Files\Windows Live O43 - CFD: 09/07/2010 - 17:59:54 - [4956013] ----D- C:\Program Files\Windows Media Player O43 - CFD: 03/02/2010 - 18:15:16 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 03/02/2010 - 18:17:20 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 06/02/2010 - 17:04:48 - [1921830] ----D- C:\Program Files\Winmail Reader O43 - CFD: 03/02/2010 - 18:18:22 - [0] ----D- C:\Program Files\xerox O43 - CFD: 17/09/2011 - 18:01:48 - [29789347] ----D- C:\Program Files\XnView O43 - CFD: 06/02/2010 - 15:32:22 - [631028] ----D- C:\Program Files\xp-AntiSpy O43 - CFD: 01/11/2011 - 13:01:30 - [121649144] ----D- C:\Program Files\ZebHelpProcess O43 - CFD: 04/02/2010 - 22:19:56 - [21741707] ----D- C:\Program Files\Zone Labs O43 - CFD: 06/02/2010 - 16:49:52 - [5173920] ----D- C:\Program Files\Fichiers Communs\ABBYY O43 - CFD: 09/07/2011 - 17:50:50 - [3556041] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 07/02/2010 - 22:26:40 - [628585] ----D- C:\Program Files\Fichiers Communs\Ahead O43 - CFD: 06/02/2010 - 10:41:22 - [4890866] ----D- C:\Program Files\Fichiers Communs\ArcSoft O43 - CFD: 27/09/2010 - 18:31:28 - [7675824] ----D- C:\Program Files\Fichiers Communs\Borland Shared O43 - CFD: 02/03/2011 - 18:42:38 - [880669] ----D- C:\Program Files\Fichiers Communs\Canon O43 - CFD: 03/02/2010 - 19:36:52 - [86016] ----D- C:\Program Files\Fichiers Communs\Designer O43 - CFD: 03/02/2010 - 19:04:44 - [140439] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard O43 - CFD: 03/02/2010 - 18:26:08 - [6757578] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 17/09/2011 - 17:33:28 - [1239723] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 21/10/2011 - 17:14:40 - [23565544] ----D- C:\Program Files\Fichiers Communs\LogiShrd O43 - CFD: 16/09/2011 - 19:40:28 - [132559667] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 03/02/2010 - 18:16:50 - [592384] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 04/08/2011 - 13:44:34 - [84064334] ----D- C:\Program Files\Fichiers Communs\Nokia O43 - CFD: 03/02/2010 - 19:08:58 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 10/07/2011 - 09:57:40 - [88064] ----D- C:\Program Files\Fichiers Communs\PCSuite O43 - CFD: 03/02/2010 - 18:16:52 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 03/02/2010 - 19:08:56 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 03/02/2010 - 18:16:16 - [7450293] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 06/02/2010 - 11:05:30 - [93253411] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 27/11/2010 - 12:59:46 - [183433] ----D- C:\Documents and Settings\Taranis\Application Data\Adobe O43 - CFD: 07/02/2010 - 11:03:40 - [43062] ----D- C:\Documents and Settings\Taranis\Application Data\Ahead O43 - CFD: 17/01/2011 - 21:25:00 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\Apple Computer O43 - CFD: 06/02/2010 - 10:42:52 - [121] ----D- C:\Documents and Settings\Taranis\Application Data\ArcSoft O43 - CFD: 03/02/2010 - 19:01:08 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\ATI O43 - CFD: 17/10/2011 - 19:24:50 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\Avira O43 - CFD: 02/03/2011 - 19:15:52 - [6602] ----D- C:\Documents and Settings\Taranis\Application Data\Canon O43 - CFD: 05/03/2011 - 12:32:58 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\CheckPoint O43 - CFD: 09/05/2010 - 15:20:00 - [1503] ----D- C:\Documents and Settings\Taranis\Application Data\DeepBurner O43 - CFD: 25/09/2010 - 14:46:58 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\DivX O43 - CFD: 11/02/2011 - 18:44:32 - [4620] ----D- C:\Documents and Settings\Taranis\Application Data\Grisbi O43 - CFD: 11/02/2011 - 18:46:22 - [203] ----D- C:\Documents and Settings\Taranis\Application Data\gtk-2.0 O43 - CFD: 03/02/2010 - 19:09:06 - [2828] ----D- C:\Documents and Settings\Taranis\Application Data\Hewlett-Packard O43 - CFD: 02/05/2011 - 21:00:36 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\InstallShield O43 - CFD: 26/03/2010 - 17:45:06 - [345] ----D- C:\Documents and Settings\Taranis\Application Data\Leadertech O43 - CFD: 14/07/2011 - 11:10:54 - [1994120] ----D- C:\Documents and Settings\Taranis\Application Data\LibreOffice O43 - CFD: 26/03/2010 - 17:43:06 - [459340] ----D- C:\Documents and Settings\Taranis\Application Data\Logishrd O43 - CFD: 26/03/2010 - 17:45:32 - [28765] ----D- C:\Documents and Settings\Taranis\Application Data\Logitech O43 - CFD: 06/02/2010 - 09:58:06 - [470] ----D- C:\Documents and Settings\Taranis\Application Data\Macromedia O43 - CFD: 06/02/2010 - 17:18:16 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\Malwarebytes O43 - CFD: 27/11/2010 - 12:59:46 - [3611939] -S--D- C:\Documents and Settings\Taranis\Application Data\Microsoft O43 - CFD: 04/02/2010 - 17:57:00 - [39682660] ----D- C:\Documents and Settings\Taranis\Application Data\Mozilla O43 - CFD: 10/07/2011 - 17:37:32 - [1102022] ----D- C:\Documents and Settings\Taranis\Application Data\Nokia O43 - CFD: 25/10/2010 - 19:49:48 - [33179] ----D- C:\Documents and Settings\Taranis\Application Data\Nokia Ovi Suite O43 - CFD: 14/02/2010 - 19:01:54 - [2519551] ----D- C:\Documents and Settings\Taranis\Application Data\OpenOffice.org O43 - CFD: 25/10/2010 - 17:42:20 - [784977] ----D- C:\Documents and Settings\Taranis\Application Data\PC Suite O43 - CFD: 21/03/2010 - 19:10:00 - [690] ----D- C:\Documents and Settings\Taranis\Application Data\Q-Dir O43 - CFD: 10/06/2011 - 21:36:36 - [95] ----D- C:\Documents and Settings\Taranis\Application Data\QFX Software O43 - CFD: 03/08/2011 - 14:02:28 - [58268] ----D- C:\Documents and Settings\Taranis\Application Data\QuickScan O43 - CFD: 23/03/2010 - 18:59:00 - [27040] ----D- C:\Documents and Settings\Taranis\Application Data\RagTime O43 - CFD: 19/08/2011 - 14:49:50 - [0] ----D- C:\Documents and Settings\Taranis\Application Data\Real O43 - CFD: 26/01/2011 - 21:00:32 - [144373] ----D- C:\Documents and Settings\Taranis\Application Data\SpamBayes O43 - CFD: 04/02/2010 - 17:40:10 - [89995369] ----D- C:\Documents and Settings\Taranis\Application Data\Sun O43 - CFD: 06/06/2010 - 12:49:58 - [16798852] ----D- C:\Documents and Settings\Taranis\Application Data\Thunderbird O43 - CFD: 09/07/2011 - 18:02:20 - [789313] ----D- C:\Documents and Settings\Taranis\Application Data\vlc O43 - CFD: 09/07/2011 - 19:34:30 - [2148423] ----D- C:\Documents and Settings\Taranis\Application Data\XnView O43 - CFD: 06/02/2010 - 16:48:08 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\ABBYY O43 - CFD: 27/11/2010 - 13:55:24 - [176320813] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Adobe O43 - CFD: 07/02/2010 - 11:03:32 - [1973629] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Ahead O43 - CFD: 17/01/2011 - 21:20:10 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Apple O43 - CFD: 17/01/2011 - 21:19:52 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Apple Computer O43 - CFD: 09/07/2011 - 17:37:06 - [586] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\AskToolbar O43 - CFD: 03/02/2010 - 19:01:08 - [67077] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\ATI O43 - CFD: 05/03/2011 - 14:33:52 - [42741924] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Google O43 - CFD: 03/02/2010 - 19:45:52 - [309460] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Identities O43 - CFD: 13/03/2010 - 17:06:16 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Innovative Solutions O43 - CFD: 20/10/2010 - 20:00:00 - [170] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\LogiShrd O43 - CFD: 17/09/2011 - 15:46:38 - [276168087] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Microsoft O43 - CFD: 04/02/2010 - 17:34:58 - [41858952] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Mozilla O43 - CFD: 25/10/2010 - 17:44:26 - [2095601] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Nokia O43 - CFD: 04/08/2011 - 13:46:42 - [1981] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\NokiaAccount O43 - CFD: 16/09/2011 - 20:20:38 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Solid State Networks O43 - CFD: 09/10/2011 - 09:46:50 - [488] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Sun O43 - CFD: 27/11/2010 - 12:59:46 - [0] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Temp O43 - CFD: 17/09/2011 - 17:51:38 - [1063401] ----D- C:\Documents and Settings\Taranis\Local Settings\Application Data\Thunderbird ~ Scan Program Folder in 00mn 19s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.C020CF5409DB2EE87A6A69363A2A70B9] - 31/10/2011 - 18:19:51 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.8DF18DC8A297279B7A504CF83A0A64AC] - 31/10/2011 - 18:08:25 ---A- . (...) -- C:\WINDOWS\setupapi.log [2254] O44 - LFC:[MD5.BEE0ED334200A702B9D9D9AD20230205] - 31/10/2011 - 13:38:18 ---A- . (...) -- C:\hpfr3420.xml [525] O44 - LFC:[MD5.D350AB5D951E600BE873FCEE7C2817D5] - 01/11/2011 - 12:55:01 ---A- . (...) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.CE0631B8799A0620C41172DA2A96B57E] - 01/11/2011 - 12:48:40 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1101918] O44 - LFC:[MD5.E0EDA7697E17E20D944DFFC0184DB01B] - 01/11/2011 - 12:48:40 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [68456] O44 - LFC:[MD5.AE00D617FC16AA3A785808AF03F90839] - 01/11/2011 - 12:48:40 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [82120] O44 - LFC:[MD5.39C21B5C1218AE72C2EF5D800043B26C] - 01/11/2011 - 12:48:40 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [434268] O44 - LFC:[MD5.20798190C589F370E8FA45BA8E7E5EB7] - 01/11/2011 - 12:48:40 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [503644] O44 - LFC:[MD5.B24CB42CDA3B1E861EDD5C5B91F741B5] - 01/11/2011 - 12:45:24 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1998455] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/11/2011 - 12:45:12 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.CABD36D3A87444402470C7C13CF2536A] - 01/11/2011 - 12:44:38 ---A- . (...) -- C:\WINDOWS\wiadebug.log [236] O44 - LFC:[MD5.7C82B38B85DD2D08DA9FB095E81247C9] - 01/11/2011 - 12:44:33 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.C49582596A0D160FB1C3C1182955E217] - 01/11/2011 - 12:44:11 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.04D0D830FE7C642DC4B33DB8DFA4E106] - 30/10/2011 - 11:11:54 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206] O44 - LFC:[MD5.24A0D16D170194B5812EA08542EBDB62] - 23/10/2011 - 10:49:03 R--A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2870.sys [829792] O44 - LFC:[MD5.729388F023E46828037709F8D29F4C69] - 23/10/2011 - 10:49:03 R--A- . (.Ralink Technology, Inc. - Ralink CoInstaller Dynamic Link Library.) -- C:\WINDOWS\system32\RaCoInst.dll [238944] O44 - LFC:[MD5.5E0A40F4C4BD333C9D2ACCA8AE964F6F] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Control Panel.) -- C:\WINDOWS\system32\javacpl.cpl [128000] O44 - LFC:[MD5.EA0824063E8031B01F7850079689B22F] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Platform SE binary.) -- C:\WINDOWS\system32\deployJava1.dll [544656] O44 - LFC:[MD5.5938C760D06989E55A814EE88FE20E83] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Platform SE binary.) -- C:\WINDOWS\system32\java.exe [173960] O44 - LFC:[MD5.7F5FE240DBF4B9132AC492E94DC65CCF] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Platform SE binary.) -- C:\WINDOWS\system32\javaw.exe [173960] O44 - LFC:[MD5.A17B354254FCE7FBC045948533737166] - 21/10/2011 - 17:21:36 ---A- . (.Oracle Corporation - Java™ Web Start Launcher.) -- C:\WINDOWS\system32\javaws.exe [214408] O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 21/10/2011 - 17:17:11 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [414368] O44 - LFC:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 21/10/2011 - 17:14:03 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\WINDOWS\system32\drivers\LNonPnP.sys [16400] O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/10/2011 - 19:24:12 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O44 - LFC:[MD5.912D23140CD05980F6CDAE790DDAFC8D] - 11/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [134344] O44 - LFC:[MD5.271CFD1A989209B1964E24D969552BF7] - 11/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Manager Driver.) -- C:\WINDOWS\system32\drivers\avkmgr.sys [36000] O44 - LFC:[MD5.7713E4EB0276702FAA08E52A6E23F2A6] - 11/10/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [74640] O44 - LFC:[MD5.8BB0A3D4A2F50118EE3AF2E03B44853F] - 06/10/2011 - 20:40:53 ---A- . (...) -- C:\WINDOWS\Q-Dir.ini [3600] O44 - LFC:[MD5.3CF09A0A997B6F6A2929296E74B32C11] - 27/05/2010 - 15:49:06 R--A- . (...) -- C:\WINDOWS\system32\RaCoInst.dat [14051] ~ Scan Files in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - outlook.exe - StripMyRights.exe /D /L N O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech™ DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\system32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.lameacm"="LameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\system32\LameACM.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"LameACM.acm"="Lame ACM MP3 Codec" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\system32\LameACM.acm ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.A7B8A3A79D35215D798A300DF49ED23F] - 01/11/2011 - 14:58:56 ---A- . (.Arcsoft, Inc. - Arcsoft® ASPI Shell.) -- C:\WINDOWS\system32\drivers\afc.sys [11776] O58 - SDL:[MD5.B34B1AB0A7690A0E2301FEC6D17B2FC1] - 01/11/2011 - 20:28:37 ---A- . (.Oak Technology Inc. - Audio File System.) -- C:\WINDOWS\system32\drivers\AFS2K.SYS [82380] O58 - SDL:[MD5.F6AF59D6EEE5E1C304F7F73706AD11D8] - 01/11/2011 - 13:10:12 ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\Ambfilt.sys [1684736] O58 - SDL:[MD5.033448D435E65C4BD72E70521FD05C76] - 01/11/2011 - 16:46:34 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdPPM.sys [33792] O58 - SDL:[MD5.913DA327AD22C6FA44C41D36FD8CC570] - 01/11/2011 - 23:20:10 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [7084544] O58 - SDL:[MD5.7713E4EB0276702FAA08E52A6E23F2A6] - 01/11/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [74640] O58 - SDL:[MD5.912D23140CD05980F6CDAE790DDAFC8D] - 01/11/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [134344] O58 - SDL:[MD5.271CFD1A989209B1964E24D969552BF7] - 01/11/2011 - 14:00:32 ---A- . (.Avira GmbH - Avira Manager Driver.) -- C:\WINDOWS\system32\drivers\avkmgr.sys [36000] O58 - SDL:[MD5.CFE3462A9E94A57DCD9676F6B7FE7F67] - 01/11/2011 - 09:12:28 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmb.sys [18176] O58 - SDL:[MD5.8F2A94F991F8C73CEC26B4B5620D1EDC] - 01/11/2011 - 09:12:32 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys [23168] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 01/11/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 01/11/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 01/11/2011 - 08:36:06 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384] O58 - SDL:[MD5.863CC3A82C63C9F60ACF2E85D5310620] - 01/11/2011 - 05:31:00 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\hpzid412.sys [51024] O58 - SDL:[MD5.08CB72E95DD75B61F2966B311D0E4366] - 01/11/2011 - 05:31:02 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16080] O58 - SDL:[MD5.CA990306ED4EF732AF9695BFF24FC96F] - 01/11/2011 - 05:31:02 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21456] O58 - SDL:[MD5.8F1BB80D589AFFB9C5E9CD7544251B29] - 01/11/2011 - 23:14:38 ---A- . (.QFX Software Corporation - KeyScrambler Keyboard Encryption Driver.) -- C:\WINDOWS\system32\drivers\keyscrambler.sys [225856] O58 - SDL:[MD5.BE2DC24D403643A2D1D98F33C7087B38] - 01/11/2011 - 07:30:58 ---A- . (.Logitech, Inc. - Logitech Consumer Control Filter Driver..) -- C:\WINDOWS\system32\drivers\LBeepKE.sys [12184] O58 - SDL:[MD5.01CC7FB6E790EF044B411377F3A1FF41] - 01/11/2011 - 07:31:20 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys [41240] O58 - SDL:[MD5.A2E7EAE8898D7B4B8C302B8F4E836BB5] - 01/11/2011 - 07:31:28 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys [39192] O58 - SDL:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 01/11/2011 - 17:14:03 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\WINDOWS\system32\drivers\LNonPnP.sys [16400] O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 01/11/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216] O58 - SDL:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 01/11/2011 - 08:41:48 ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\system32\drivers\Monfilt.sys [1389056] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 01/11/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.99145C5D4B6C4D6F5CE83EE6ABFFE294] - 01/11/2011 - 09:09:48 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys [137600] O58 - SDL:[MD5.FAEE7B61C6885B091CEC1FF06DA2E1AB] - 01/11/2011 - 09:09:48 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8576] O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 01/11/2011 - 09:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816] O58 - SDL:[MD5.A20AC92609F3B246BE3B761BB72FC6A5] - 01/11/2011 - 10:29:08 R--A- . (.Prolific Technology Inc. - Prolific Flash Disk Filter Driver.) -- C:\WINDOWS\system32\drivers\plff.sys [7424] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 01/11/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 01/11/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 01/11/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.24A0D16D170194B5812EA08542EBDB62] - 01/11/2011 - 15:52:12 R--A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2870.sys [829792] O58 - SDL:[MD5.00FD6811350E175585ABCF7D4A61DD90] - 01/11/2011 - 03:22:16 R--A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [141568] O58 - SDL:[MD5.0C5A04F0FFAEBC25AC815EE14441A8CB] - 01/11/2011 - 11:02:46 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [5085184] O58 - SDL:[MD5.1674A34F0084BFFDEC2DCDB1625A87F0] - 01/11/2011 - 02:03:54 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtKHDMI.sys [3733760] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 01/11/2011 - 08:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 01/11/2011 - 14:14:27 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 01/11/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.EC01DA44B090D2651FC032C8B9257232] - 01/11/2011 - 09:12:36 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [8192] O58 - SDL:[MD5.4ABD37CFBD710E64F01F9DA8710C73F7] - 01/11/2011 - 09:12:38 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [8192] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 01/11/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 01/11/2011 - 20:33:26 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 01/11/2011 - 08:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 01/11/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 01/11/2011 - 08:49:52 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 01/11/2011 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 01/11/2011 - 08:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 01/11/2011 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 01/11/2011 - 08:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.5D6401DB90EC81B71F8E2C5C8F0FEF23] - 01/11/2011 - 14:28:46 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys [5248] O58 - SDL:[MD5.050C38EBB22512122E54B47DC278BCCD] - 01/11/2011 - 10:02:32 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\system32\vsdatant.sys [532224] ~ Scan Drivers in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created 01/11/2011 - 00:38:19 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-11-01.json [38938] O61 - LFC:Last File Created 01/11/2011 - 00:38:24 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\4a122f0b-3d57-4148-80b0-5ba7691064a7.dmp [18037] O61 - LFC:Last File Created 01/11/2011 - 00:38:24 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\4a122f0b-3d57-4148-80b0-5ba7691064a7.extra [2180] O61 - LFC:Last File Created 01/11/2011 - 00:38:25 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\permissions.sqlite [3018752] O61 - LFC:Last File Created 01/11/2011 - 00:57:18 ---A- C:\Documents And Settings\Mamounette\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [470] O61 - LFC:Last File Created 01/11/2011 - 00:57:19 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\97c82447-48d3-4f6a-b43a-41769d72513c.dmp [18037] O61 - LFC:Last File Created 01/11/2011 - 00:57:19 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\97c82447-48d3-4f6a-b43a-41769d72513c.extra [2180] O61 - LFC:Last File Created 01/11/2011 - 00:58:54 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\signons.sqlite [33792] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\cache.js [705211] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cert8.db [229376] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cookies.sqlite [524288] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\key3.db [16384] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\localstore.rdf [33778] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\places.sqlite [10485760] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js [34765] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Cache\_CACHE_001_ [16384] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Cache\_CACHE_002_ [4096] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Cache\_CACHE_003_ [1024] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Cache\_CACHE_MAP_ [8468] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\OfflineCache\index.sqlite [262144] O61 - LFC:Last File Created 01/11/2011 - 01:01:34 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\urlclassifier3.sqlite [50352128] O61 - LFC:Last File Created 01/11/2011 - 09:05:26 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-29.json [38938] O61 - LFC:Last File Created 01/11/2011 - 09:13:45 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\elemhide.css [969352] O61 - LFC:Last File Created 01/11/2011 - 09:39:40 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Cegetel\Inbox\00E318E2-00000AF1.eml [4977] O61 - LFC:Last File Created 01/11/2011 - 09:39:43 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Cegetel\Sent Items\0CE157AA-0000030B.eml [5948] O61 - LFC:Last File Created 01/11/2011 - 09:41:51 ---A- C:\Documents And Settings\Mamounette\Bureau\DSCN0738.MOV [42744265] O61 - LFC:Last File Created 01/11/2011 - 10:16:44 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-31.json [38938] O61 - LFC:Last File Created 01/11/2011 - 11:16:53 -S-A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [552] O61 - LFC:Last File Created 01/11/2011 - 11:16:53 -S-A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [132] O61 - LFC:Last File Created 01/11/2011 - 11:30:06 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-30.json [38938] O61 - LFC:Last File Created 01/11/2011 - 11:53:19 -SHA- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Credentials\S-1-5-21-1547161642-1897051121-725345543-1007\Credentials [588] O61 - LFC:Last File Created 01/11/2011 - 11:53:58 ---A- C:\Documents And Settings\Mamounette\Local Settings\Temp\IswTmp\Logs\FFApi.swl [1004] O61 - LFC:Last File Created 01/11/2011 - 11:54:04 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024] O61 - LFC:Last File Created 01/11/2011 - 11:54:10 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\ATI\ACE\Manifest.Bin [32089] O61 - LFC:Last File Created 01/11/2011 - 11:54:10 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\ATI\ACE\Manifest.xml [23698] O61 - LFC:Last File Created 01/11/2011 - 11:54:19 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Backup\new\Mail.MSMessageStore [2121728] O61 - LFC:Last File Created 01/11/2011 - 11:54:20 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Backup\new\Mail.pat [16384] O61 - LFC:Last File Created 01/11/2011 - 11:54:20 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Mail.pat [16384] O61 - LFC:Last File Created 01/11/2011 - 11:54:24 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\xxxxx @hotmail.fr\oeconfig.xml [19588] O61 - LFC:Last File Created 01/11/2011 - 11:54:30 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail\account{40ABED59-A09A-4768-B71D-F0E514FC1989}.oeaccount [5164] O61 - LFC:Last File Created 01/11/2011 - 11:54:34 ----- C:\Documents And Settings\Mamounette\Local Settings\Historique\History.IE5\index.dat [114688] O61 - LFC:Last File Created 01/11/2011 - 11:54:34 -SHA- C:\Documents And Settings\Mamounette\Cookies\index.dat [32768] O61 - LFC:Last File Created 01/11/2011 - 11:54:34 -SHA- C:\Documents And Settings\Mamounette\IETldCache\index.dat [262144] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Cookies\1K60PFXB.txt [240] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Cookies\ALASGDT1.txt [268] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Cookies\H6NLTWZP.txt [240] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Cookies\JWVDJG07.txt [258] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Cookies\RNUZNWRE.txt [238] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{7fd2fdcc-496b-440c-85e9-0bd48472cdd6}\DBStore\contacts.edb [4210688] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{7fd2fdcc-496b-440c-85e9-0bd48472cdd6}\DBStore\edb.chk [8192] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\WLCalendarStore.edb [2113536] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\edb.chk [8192] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Mail.MSMessageStore [2113536] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\RssFeeds.xml [264] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Sentinel\WLMailSearchSentinel.eml [38] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\edb.chk [8192] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\sqmnoopt00.sqm [1196] O61 - LFC:Last File Created 01/11/2011 - 11:54:42 -SHA- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1547161642-1897051121-725345543-1007\Credentials [11730] O61 - LFC:Last File Created 01/11/2011 - 11:54:43 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Messenger\ContactsLog.txt [3042353] O61 - LFC:Last File Created 01/11/2011 - 11:54:43 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{34215bc8-143f-43e5-93ed-9f6e53059a6c}\DBStore\contacts.edb [4210688] O61 - LFC:Last File Created 01/11/2011 - 11:54:43 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{34215bc8-143f-43e5-93ed-9f6e53059a6c}\DBStore\edb.chk [8192] O61 - LFC:Last File Created 01/11/2011 - 11:54:57 --HA- C:\Documents And Settings\Mamounette\NTUSER.DAT [8388608] O61 - LFC:Last File Created 01/11/2011 - 11:56:15 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IPM\IpmMessages.xml [328] O61 - LFC:Last File Created 01/11/2011 - 11:58:23 ---A- C:\Documents And Settings\Taranis\Recent\ZHPDiag_31-10-11.Txt.lnk [499] O61 - LFC:Last File Created 01/11/2011 - 12:06:20 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-11-01.json [105648] O61 - LFC:Last File Created 01/11/2011 - 12:06:24 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\search.json [15242] O61 - LFC:Last File Created 01/11/2011 - 12:07:24 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\startupCache\startupCache.4.little [709792] O61 - LFC:Last File Created 01/11/2011 - 12:08:12 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions.sqlite [458752] O61 - LFC:Last File Created 01/11/2011 - 12:10:01 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\search.sqlite [2048] O61 - LFC:Last File Created 01/11/2011 - 12:10:02 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\cache.js [706253] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cert8.db [196608] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\cookies.sqlite [524288] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\key3.db [16384] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\localstore.rdf [44105] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\places.sqlite [10485760] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\prefs.js [76839] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Cache\_CACHE_001_ [16384] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Cache\_CACHE_002_ [4096] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Cache\_CACHE_003_ [1024] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Cache\_CACHE_MAP_ [8468] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\OfflineCache\index.sqlite [262144] O61 - LFC:Last File Created 01/11/2011 - 12:10:03 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\urlclassifier3.sqlite [40828928] O61 - LFC:Last File Created 01/11/2011 - 12:12:19 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\IswTmp\Logs\FFApi.swl.old [1084] O61 - LFC:Last File Created 01/11/2011 - 12:16:50 ---A- C:\Documents And Settings\Taranis\Recent\8yv5jtro.default.lnk [1024] O61 - LFC:Last File Created 01/11/2011 - 12:16:50 ---A- C:\Documents And Settings\Taranis\Recent\prefs.js.lnk [1301] O61 - LFC:Last File Created 01/11/2011 - 12:32:58 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\IdentityCRL\Production\MetaConfig.xml [163] O61 - LFC:Last File Created 01/11/2011 - 12:44:18 --HA- C:\Documents And Settings\Mamounette\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 01/11/2011 - 12:44:18 --HA- C:\Documents And Settings\Papounet\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 01/11/2011 - 12:44:44 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [16384] O61 - LFC:Last File Created 01/11/2011 - 12:44:44 -SHA- C:\Documents And Settings\NetworkService\Cookies\index.dat [16384] O61 - LFC:Last File Created 01/11/2011 - 12:44:46 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\EVENTDB\avevtdb.dbe [39936] O61 - LFC:Last File Created 01/11/2011 - 12:45:51 -SHA- C:\Documents And Settings\Taranis\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1547161642-1897051121-725345543-1003\Credentials [11602] O61 - LFC:Last File Created 01/11/2011 - 12:45:52 -SHA- C:\Documents And Settings\Taranis\Local Settings\Historique\History.IE5\MSHist012011110120111102\index.dat [32768] O61 - LFC:Last File Created 01/11/2011 - 12:45:55 -SHA- C:\Documents And Settings\Taranis\Application Data\Microsoft\Internet Explorer\Desktop.htt [2700] O61 - LFC:Last File Created 01/11/2011 - 12:46:27 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\IswTmp\Logs\FFApi.swl [988] O61 - LFC:Last File Created 01/11/2011 - 12:46:36 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\ATI\ACE\Manifest.Bin [32089] O61 - LFC:Last File Created 01/11/2011 - 12:46:36 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\ATI\ACE\Manifest.xml [23698] O61 - LFC:Last File Created 01/11/2011 - 12:49:20 --HA- C:\Documents And Settings\Taranis\Local Settings\Historique\History.IE5\index.dat [180224] O61 - LFC:Last File Created 01/11/2011 - 12:49:20 -SHA- C:\Documents And Settings\Taranis\Cookies\index.dat [32768] O61 - LFC:Last File Created 01/11/2011 - 12:49:20 -SHA- C:\Documents And Settings\Taranis\IETldCache\index.dat [262144] O61 - LFC:Last File Created 01/11/2011 - 12:52:13 ---A- C:\Documents And Settings\Taranis\Application Data\Microsoft\HTML Help\hh.dat [8898] O61 - LFC:Last File Created 01/11/2011 - 12:59:11 ---A- C:\Documents And Settings\Taranis\Recent\ZHPDiag MD5_01-11-11.Txt.lnk [427] O61 - LFC:Last File Created 01/11/2011 - 12:59:12 ---A- C:\Documents And Settings\Taranis\Recent\ZHP Diag.lnk [362] O61 - LFC:Last File Created 01/11/2011 - 13:00:02 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\INMEM000.REM [0] O61 - LFC:Last File Created 01/11/2011 - 13:14:25 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\8e979cda-4dd5-44f3-9b23-1a15ce401a04.dmp [18037] O61 - LFC:Last File Created 01/11/2011 - 13:14:25 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\8e979cda-4dd5-44f3-9b23-1a15ce401a04.extra [2180] O61 - LFC:Last File Created 01/11/2011 - 13:30:22 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Adobe\Acrobat\10.0\UserCache.bin [61739] O61 - LFC:Last File Created 01/11/2011 - 13:34:26 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Adobe\Acrobat\10.0\SharedDataEvents [5120] O61 - LFC:Last File Created 01/11/2011 - 13:41:01 ---A- C:\Documents And Settings\Mamounette\Local Settings\Temp\WLMDSS.tmp\WLMFC.tmp\DSCN0695.JPG [4691460] O61 - LFC:Last File Created 01/11/2011 - 13:41:01 ---A- C:\Documents And Settings\Mamounette\Local Settings\Temp\WLMDSS.tmp\WLMFC.tmp\DSCN0705.JPG [4709447] O61 - LFC:Last File Created 01/11/2011 - 13:41:01 ---A- C:\Documents And Settings\Mamounette\Local Settings\Temp\WLMDSS.tmp\WLMFC.tmp\S7309537 - Copie.JPG [3011034] O61 - LFC:Last File Created 01/11/2011 - 13:43:27 ---A- C:\Documents And Settings\Mamounette\Application Data\vlc\ml.xspf [304] O61 - LFC:Last File Created 01/11/2011 - 14:45:44 ---A- C:\Documents And Settings\Mamounette\Bureau\DSCN0825.JPG [1435311] O61 - LFC:Last File Created 01/11/2011 - 14:45:56 ---A- C:\Documents And Settings\Mamounette\Bureau\DSCN0826.JPG [1471012] O61 - LFC:Last File Created 01/11/2011 - 15:05:53 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\eda3fc38-0087-49ab-8ffa-c0465b3cbe3e.dmp [18037] O61 - LFC:Last File Created 01/11/2011 - 15:05:53 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\eda3fc38-0087-49ab-8ffa-c0465b3cbe3e.extra [2180] O61 - LFC:Last File Created 01/11/2011 - 15:10:53 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IPM\IpmDocument.html [6277] O61 - LFC:Last File Created 01/11/2011 - 15:13:47 --HA- C:\Documents And Settings\Administrateur\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 01/11/2011 - 15:14:54 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-6c45e832.idx [487] O61 - LFC:Last File Created 01/11/2011 - 15:19:38 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegDPF-Global.reg [2475] O61 - LFC:Last File Created 01/11/2011 - 15:20:58 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegBHO-Global.reg [581] O61 - LFC:Last File Created 01/11/2011 - 15:21:37 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante36.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:21:53 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante37.zip [735] O61 - LFC:Last File Created 01/11/2011 - 15:21:55 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante38.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:21:56 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante39.zip [736] O61 - LFC:Last File Created 01/11/2011 - 15:21:57 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante40.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:21:59 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante41.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:22:01 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante42.zip [733] O61 - LFC:Last File Created 01/11/2011 - 15:22:02 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante43.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:22:03 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante44.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:22:04 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante45.zip [735] O61 - LFC:Last File Created 01/11/2011 - 15:22:04 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante46.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:22:05 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante47.zip [736] O61 - LFC:Last File Created 01/11/2011 - 15:22:05 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante48.zip [735] O61 - LFC:Last File Created 01/11/2011 - 15:22:06 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante49.zip [735] O61 - LFC:Last File Created 01/11/2011 - 15:22:07 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante50.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:22:07 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante51.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:22:08 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante52.zip [740] O61 - LFC:Last File Created 01/11/2011 - 15:22:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante53.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:22:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante54.zip [736] O61 - LFC:Last File Created 01/11/2011 - 15:22:10 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante55.zip [733] O61 - LFC:Last File Created 01/11/2011 - 15:22:11 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante56.zip [733] O61 - LFC:Last File Created 01/11/2011 - 15:22:12 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante57.zip [741] O61 - LFC:Last File Created 01/11/2011 - 15:22:13 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante58.zip [741] O61 - LFC:Last File Created 01/11/2011 - 15:22:14 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante59.zip [724] O61 - LFC:Last File Created 01/11/2011 - 15:22:15 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante60.zip [721] O61 - LFC:Last File Created 01/11/2011 - 15:22:15 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante61.zip [759] O61 - LFC:Last File Created 01/11/2011 - 15:22:16 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante62.zip [755] O61 - LFC:Last File Created 01/11/2011 - 15:22:17 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante63.zip [776] O61 - LFC:Last File Created 01/11/2011 - 15:22:18 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante64.zip [767] O61 - LFC:Last File Created 01/11/2011 - 15:22:19 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante65.zip [761] O61 - LFC:Last File Created 01/11/2011 - 15:22:24 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante66.zip [770] O61 - LFC:Last File Created 01/11/2011 - 15:22:26 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante67.zip [756] O61 - LFC:Last File Created 01/11/2011 - 15:22:28 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante68.zip [755] O61 - LFC:Last File Created 01/11/2011 - 15:22:29 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante69.zip [760] O61 - LFC:Last File Created 01/11/2011 - 15:22:30 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante70.zip [754] O61 - LFC:Last File Created 01/11/2011 - 15:22:30 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante71.zip [766] O61 - LFC:Last File Created 01/11/2011 - 15:22:31 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante72.zip [762] O61 - LFC:Last File Created 01/11/2011 - 15:22:31 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante73.zip [708] O61 - LFC:Last File Created 01/11/2011 - 15:22:32 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante74.zip [709] O61 - LFC:Last File Created 01/11/2011 - 15:22:32 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante75.zip [709] O61 - LFC:Last File Created 01/11/2011 - 15:22:33 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante76.zip [709] O61 - LFC:Last File Created 01/11/2011 - 15:22:33 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante77.zip [709] O61 - LFC:Last File Created 01/11/2011 - 15:22:34 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante78.zip [710] O61 - LFC:Last File Created 01/11/2011 - 15:22:37 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante79.zip [710] O61 - LFC:Last File Created 01/11/2011 - 15:22:38 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante80.zip [710] O61 - LFC:Last File Created 01/11/2011 - 15:22:38 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante81.zip [709] O61 - LFC:Last File Created 01/11/2011 - 15:22:38 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante82.zip [711] O61 - LFC:Last File Created 01/11/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante83.zip [710] O61 - LFC:Last File Created 01/11/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante84.zip [709] O61 - LFC:Last File Created 01/11/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante85.zip [709] O61 - LFC:Last File Created 01/11/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante86.zip [715] O61 - LFC:Last File Created 01/11/2011 - 15:22:39 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante87.zip [709] O61 - LFC:Last File Created 01/11/2011 - 15:22:40 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante88.zip [711] O61 - LFC:Last File Created 01/11/2011 - 15:22:40 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante89.zip [710] O61 - LFC:Last File Created 01/11/2011 - 15:22:40 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante90.zip [708] O61 - LFC:Last File Created 01/11/2011 - 15:22:41 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante91.zip [720] O61 - LFC:Last File Created 01/11/2011 - 15:22:41 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante92.zip [720] O61 - LFC:Last File Created 01/11/2011 - 15:22:41 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante93.zip [741] O61 - LFC:Last File Created 01/11/2011 - 15:22:41 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante94.zip [741] O61 - LFC:Last File Created 01/11/2011 - 15:22:42 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante95.zip [738] O61 - LFC:Last File Created 01/11/2011 - 15:22:42 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante96.zip [734] O61 - LFC:Last File Created 01/11/2011 - 15:22:51 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante97.zip [770] O61 - LFC:Last File Created 01/11/2011 - 15:22:53 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DLLpartagemanquante98.zip [710] O61 - LFC:Last File Created 01/11/2011 - 15:23:49 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegGS1-Global.reg [850] O61 - LFC:Last File Created 01/11/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Bots.sbe [18] O61 - LFC:Last File Created 01/11/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\SystemInternals.sbe [126] O61 - LFC:Last File Created 01/11/2011 - 15:29:40 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\news.conf [250] O61 - LFC:Last File Created 01/11/2011 - 15:29:56 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\build.conf [261] O61 - LFC:Last File Created 01/11/2011 - 15:29:56 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [7283005] O61 - LFC:Last File Created 01/11/2011 - 16:01:41 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Cegetel\Inbox\40B96025-00000AF7.eml [14381] O61 - LFC:Last File Created 01/11/2011 - 16:02:09 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\contacts.edb [4210688] O61 - LFC:Last File Created 01/11/2011 - 16:02:09 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\edb.chk [8192] O61 - LFC:Last File Created 01/11/2011 - 16:02:10 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\contacts.edb [4210688] O61 - LFC:Last File Created 01/11/2011 - 16:02:10 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\edb.chk [8192] O61 - LFC:Last File Created 01/11/2011 - 16:02:32 ---A- C:\Documents And Settings\Mamounette\Application Data\wklnhst.dat [34906] O61 - LFC:Last File Created 01/11/2011 - 16:02:33 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\Conseil Syndical.lnk [558] O61 - LFC:Last File Created 01/11/2011 - 16:02:33 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\OJ CS du 07.11.2011.doc.lnk [680] O61 - LFC:Last File Created 01/11/2011 - 16:02:50 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Modèles\Normal.dot [188416] O61 - LFC:Last File Created 01/11/2011 - 16:02:50 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\Modèles.lnk [775] O61 - LFC:Last File Created 01/11/2011 - 16:02:50 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\Normal.dot.lnk [878] O61 - LFC:Last File Created 01/11/2011 - 16:02:50 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Word10.pip [1680] O61 - LFC:Last File Created 01/11/2011 - 16:02:50 --H-- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Office\Fichiers récents\index.dat [986] O61 - LFC:Last File Created 01/11/2011 - 17:10:14 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\33e536e8-9b25-45ef-a722-e4f4579ad07d.dmp [18037] O61 - LFC:Last File Created 01/11/2011 - 17:10:15 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\33e536e8-9b25-45ef-a722-e4f4579ad07d.extra [2180] O61 - LFC:Last File Created 01/11/2011 - 17:12:00 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Adobe\Acrobat\10.0\AdobeCMapFnt10.lst [512] O61 - LFC:Last File Created 01/11/2011 - 17:12:00 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Adobe\Acrobat\10.0\Cache\AcroFnt10.lst [8231] O61 - LFC:Last File Created 01/11/2011 - 17:18:31 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.fra [9373696] O61 - LFC:Last File Created 01/11/2011 - 17:18:44 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\UserCache.bin [61739] O61 - LFC:Last File Created 01/11/2011 - 17:19:01 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\Noia4Options@ArisT2.xpi [129384] O61 - LFC:Last File Created 01/11/2011 - 17:19:01 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [1366868] O61 - LFC:Last File Created 01/11/2011 - 17:20:54 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\2553857a.avl [1698] O61 - LFC:Last File Created 01/11/2011 - 17:25:05 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\adblockplus\elemhide.css [970270] O61 - LFC:Last File Created 01/11/2011 - 17:25:07 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\addons.sqlite [262144] O61 - LFC:Last File Created 01/11/2011 - 17:27:05 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\blocklist.xml [11678] O61 - LFC:Last File Created 01/11/2011 - 17:29:02 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\AdobeCMapFnt10.lst [512] O61 - LFC:Last File Created 01/11/2011 - 17:29:02 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\Cache\AcroFnt10.lst [8231] O61 - LFC:Last File Created 01/11/2011 - 17:29:09 ---A- C:\Documents And Settings\Taranis\Application Data\Adobe\Acrobat\10.0\ReaderMessages [20480] O61 - LFC:Last File Created 01/11/2011 - 17:29:27 ---A- C:\Documents And Settings\Taranis\Local Settings\Application Data\Adobe\Acrobat\10.0\Cache\RdLang_Updater.FRA [14336] O61 - LFC:Last File Created 01/11/2011 - 17:35:03 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\95672573.avl [1606] O61 - LFC:Last File Created 01/11/2011 - 17:45:26 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\bookmarkbackups\bookmarks-2011-10-31.json [105648] O61 - LFC:Last File Created 01/11/2011 - 17:49:54 -SHA- C:\Documents And Settings\Taranis\UserData\index.dat [16384] O61 - LFC:Last File Created 01/11/2011 - 17:50:40 ---A- C:\Documents And Settings\Mamounette\Mes documents\cc_20111031_175036.reg [206] O61 - LFC:Last File Created 01/11/2011 - 17:52:11 -SHA- C:\Documents And Settings\Papounet\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1547161642-1897051121-725345543-1005\Credentials [16242] O61 - LFC:Last File Created 01/11/2011 - 17:52:22 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegUS1-Papounet.reg [163] O61 - LFC:Last File Created 01/11/2011 - 17:52:42 -SHA- C:\Documents And Settings\Papounet\Application Data\Microsoft\Internet Explorer\UserData\index.dat [16384] O61 - LFC:Last File Created 01/11/2011 - 17:52:45 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\places.sqlite [10485760] O61 - LFC:Last File Created 01/11/2011 - 17:52:45 ---A- C:\Documents And Settings\Papounet\Application Data\Mozilla\Firefox\Profiles\l4vv2172.default\places.sqlite [163840] O61 - LFC:Last File Created 01/11/2011 - 17:53:07 ---A- C:\Documents And Settings\Papounet\Mes documents\cc_20111031_175303.reg [4386] O61 - LFC:Last File Created 01/11/2011 - 17:53:29 -SHA- C:\Documents And Settings\Papounet\Application Data\Microsoft\Internet Explorer\Desktop.htt [2702] O61 - LFC:Last File Created 01/11/2011 - 17:53:41 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024] O61 - LFC:Last File Created 01/11/2011 - 17:53:43 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\ATI\ACE\Manifest.Bin [32089] O61 - LFC:Last File Created 01/11/2011 - 17:53:43 ---A- C:\Documents And Settings\Papounet\Local Settings\Application Data\ATI\ACE\Manifest.xml [23698] O61 - LFC:Last File Created 01/11/2011 - 17:53:53 -SHA- C:\Documents And Settings\Papounet\IETldCache\index.dat [262144] O61 - LFC:Last File Created 01/11/2011 - 17:53:57 ----- C:\Documents And Settings\Papounet\Local Settings\Historique\History.IE5\index.dat [131072] O61 - LFC:Last File Created 01/11/2011 - 17:53:57 -SHA- C:\Documents And Settings\Papounet\Cookies\index.dat [32768] O61 - LFC:Last File Created 01/11/2011 - 17:54:14 --HA- C:\Documents And Settings\Papounet\NTUSER.DAT [9699328] O61 - LFC:Last File Created 01/11/2011 - 17:54:51 -SHA- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Internet Explorer\UserData\index.dat [16384] O61 - LFC:Last File Created 01/11/2011 - 17:54:51 -SHA- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat [16384] O61 - LFC:Last File Created 01/11/2011 - 17:55:27 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\bmhczl5g.default\places.sqlite [135168] O61 - LFC:Last File Created 01/11/2011 - 17:55:27 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\ua3hnerj.default\places.sqlite [159744] O61 - LFC:Last File Created 01/11/2011 - 17:55:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\v72nv04f.default\places.sqlite [163840] O61 - LFC:Last File Created 01/11/2011 - 17:55:45 ---A- C:\Documents And Settings\Mamounette\Mes documents\cc_20111031_175542.reg [206] O61 - LFC:Last File Created 01/11/2011 - 17:56:47 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\RegGNTCVWL-Global.reg [311] O61 - LFC:Last File Created 01/11/2011 - 17:58:36 ---A- C:\Documents And Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\downloads.sqlite [65536] O61 - LFC:Last File Created 01/11/2011 - 18:01:50 --HA- C:\Documents And Settings\Taranis\Local Settings\Temp\etilqs_XTMgUAN4uDxD6Fx [229404] O61 - LFC:Last File Created 01/11/2011 - 18:05:51 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD [781] O61 - LFC:Last File Created 01/11/2011 - 18:05:51 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6 [561] O61 - LFC:Last File Created 01/11/2011 - 18:05:51 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD [156] O61 - LFC:Last File Created 01/11/2011 - 18:05:51 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\B8CC409ACDBF2A2FE04C56F2875B1FD6 [134] O61 - LFC:Last File Created 01/11/2011 - 18:05:59 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\1B749B72855CB97BF2F58675617C9BF9 [576] O61 - LFC:Last File Created 01/11/2011 - 18:05:59 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [552] O61 - LFC:Last File Created 01/11/2011 - 18:05:59 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\1B749B72855CB97BF2F58675617C9BF9 [162] O61 - LFC:Last File Created 01/11/2011 - 18:05:59 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [132] O61 - LFC:Last File Created 01/11/2011 - 18:06:16 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 [96089] O61 - LFC:Last File Created 01/11/2011 - 18:06:16 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 [124] O61 - LFC:Last File Created 01/11/2011 - 18:06:19 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\3C83474D61E624A4F9844DF935AFE217 [569] O61 - LFC:Last File Created 01/11/2011 - 18:06:19 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\3C83474D61E624A4F9844DF935AFE217 [142] O61 - LFC:Last File Created 01/11/2011 - 18:11:24 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2\Windows Firewall-Global.reg [666] O61 - LFC:Last File Created 01/11/2011 - 18:17:18 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735 [558] O61 - LFC:Last File Created 01/11/2011 - 18:17:18 -S-A- C:\Documents And Settings\Taranis\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735 [144] O61 - LFC:Last File Created 01/11/2011 - 18:21:54 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\Backup\new\WLCalendarStore.edb [2121728] O61 - LFC:Last File Created 01/11/2011 - 18:21:55 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\Backup\new\WLCalendarStore.pat [16384] O61 - LFC:Last File Created 01/11/2011 - 18:21:55 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Mail\Calendars\xxxx@hotmail.fr\DBStore\WLCalendarStore.pat [16384] O61 - LFC:Last File Created 01/11/2011 - 18:21:58 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\Backup\new\contacts.edb [4218880] O61 - LFC:Last File Created 01/11/2011 - 18:21:58 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\contacts.pat [16384] O61 - LFC:Last File Created 01/11/2011 - 18:21:59 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{b8b06f4e-283c-444b-a71b-f53b8ec71adc}\DBStore\Backup\new\contacts.pat [16384] O61 - LFC:Last File Created 01/11/2011 - 18:22:07 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\Backup\new\contacts.edb [4218880] O61 - LFC:Last File Created 01/11/2011 - 18:22:07 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\Backup\new\contacts.pat [16384] O61 - LFC:Last File Created 01/11/2011 - 18:22:07 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Windows Live Contacts\{2fc601bf-8d14-4b3c-91d5-23ab8953387a}\DBStore\contacts.pat [16384] O61 - LFC:Last File Created 01/11/2011 - 18:25:31 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\71a1b29d-1af0-4b0e-882b-dde7daccd445.dmp [18037] O61 - LFC:Last File Created 01/11/2011 - 18:25:32 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\71a1b29d-1af0-4b0e-882b-dde7daccd445.extra [2180] O61 - LFC:Last File Created 01/11/2011 - 18:34:50 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\JOBS\updjob.avj [1674] O61 - LFC:Last File Created 01/11/2011 - 18:34:50 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\96acddd5.avl [1528] O61 - LFC:Last File Created 01/11/2011 - 18:34:52 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IDX\master.idx [56] O61 - LFC:Last File Created 01/11/2011 - 18:35:22 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\37e78682.avl [2126] O61 - LFC:Last File Created 01/11/2011 - 18:45:04 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\{D09E2E6A-7FEF-4FA3-9A79-EE319921F0D5}\setup.exe [393216] O61 - LFC:Last File Created 01/11/2011 - 18:47:40 -SHA- C:\Documents And Settings\Taranis\Local Settings\Historique\History.IE5\MSHist012011103120111101\index.dat [32768] O61 - LFC:Last File Created 01/11/2011 - 18:48:59 ---A- C:\Documents And Settings\Taranis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [470] O61 - LFC:Last File Created 01/11/2011 - 18:51:34 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\{57C15756-8E03-42E1-9959-896012EB129F}\setup.isn [256664] O61 - LFC:Last File Created 01/11/2011 - 18:51:54 ---A- C:\Documents And Settings\Taranis\Local Settings\Temp\{886EAF29-8AE4-47FD-A736-1260E3EB5913}\setup.exe [400680] O61 - LFC:Last File Created 01/11/2011 - 18:52:03 ---A- C:\Documents And Settings\Taranis\Bureau\ZHPFixReport.txt [1945] O61 - LFC:Last File Created 01/11/2011 - 18:54:07 -SHA- C:\Documents And Settings\Mamounette\Local Settings\Historique\History.IE5\MSHist012011103120111101\index.dat [32768] O61 - LFC:Last File Created 01/11/2011 - 18:54:26 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\downloads.sqlite [65536] O61 - LFC:Last File Created 01/11/2011 - 18:54:36 ---A- C:\Documents And Settings\Mamounette\Cookies\KQQVJKSX.txt [66] O61 - LFC:Last File Created 01/11/2011 - 18:54:36 ---A- C:\Documents And Settings\Mamounette\Cookies\Y4UQAYPA.txt [67] O61 - LFC:Last File Created 01/11/2011 - 19:04:13 ---A- C:\Documents And Settings\Mamounette\Recent\Hugo_29-10-2011.lnk [631] O61 - LFC:Last File Created 01/11/2011 - 19:05:55 ---A- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Windows\Themes\Custom.theme [8143] O61 - LFC:Last File Created 01/11/2011 - 19:07:03 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Wallpaper3.bmp [45163062] O61 - LFC:Last File Created 01/11/2011 - 19:07:03 -SHA- C:\Documents And Settings\Mamounette\Application Data\Microsoft\Internet Explorer\Desktop.htt [2706] O61 - LFC:Last File Created 01/11/2011 - 19:09:47 ---A- C:\Documents And Settings\Mamounette\Recent\28-10-11 Journée chez Hélène.lnk [691] O61 - LFC:Last File Created 01/11/2011 - 19:10:31 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7096.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:10:32 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7097.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:10:32 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7098.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:11:17 ---A- C:\Documents And Settings\Mamounette\Local Settings\Temp\IswTmp\Logs\FFApi.swl.old [1100] O61 - LFC:Last File Created 01/11/2011 - 19:11:23 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7109.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:11:34 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7114.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:13:19 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7149.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:13:29 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7158.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:13:42 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7189.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:13:48 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7191.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:14:06 ---A- C:\Documents And Settings\Mamounette\Recent\30-10-2011.lnk [637] O61 - LFC:Last File Created 01/11/2011 - 19:14:06 ---A- C:\Documents And Settings\Mamounette\Recent\IMG_7225.JPG.lnk [846] O61 - LFC:Last File Created 01/11/2011 - 19:17:11 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Feeds\FeedsStore.feedsdb-ms [4096] O61 - LFC:Last File Created 01/11/2011 - 19:17:11 ---A- C:\Documents And Settings\Mamounette\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Galerie de composants Web Slice~.feed-ms [32768] O61 - LFC:Last File Created 01/11/2011 - 21:12:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\56eb7faa-c53d-40d7-93c0-b21977832e03.dmp [18037] O61 - LFC:Last File Created 01/11/2011 - 21:12:28 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Crash Reports\pending\56eb7faa-c53d-40d7-93c0-b21977832e03.extra [2180] O61 - LFC:Last File Created 01/11/2011 - 23:35:56 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\addons.sqlite [262144] O61 - LFC:Last File Created 01/11/2011 - 23:37:55 ---A- C:\Documents And Settings\Mamounette\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\blocklist.xml [11678] O61 - LFC:Last File Created 31/10/2011 - 15:15:20 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\UpdateDL.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Cookies.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\FileExt.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Links.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Single.sbe [0] O61 - LFC:Last File Created 31/10/2011 - 15:29:09 ---A- C:\Documents And Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\WaitFor.sbe [0] ~ Scan Files in 00mn 02s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [Taranis - 8yv5jtro.default] user_pref("CT2613520.ct2613520.SearchEngine", "Recherche||http://search.conduit.com/Results.aspx? O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {5B43EE53-99A7-4490-8FCB-E92E1C125DC5} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - Google O69 - SBI: SearchScopes [HKCU] {8418C7A6-D993-4FDE-8228-761D798287D5} - (Ask Search) - http://websearch.ask.com O69 - SBI: SearchScopes [HKCU] {957C8D5B-3C63-458F-9E40-7B328E43FAFE} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {B92E9C19-2391-4420-A2B3-0ED981AAF20B} - (Yahoo! Search) - Yahoo! Search - Recherche Web ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.6D4AAA65E4003DEC5EBEEF86AF1AE77C] [sPRF][25/07/2005] (.Gadwin Systems, Inc. - PrintScreen captures the contents of the screen with a single keystroke..) -- C:\Program Files\PrintScreen.exe [946176] [MD5.0678EF2737319BEDE70811765B941436] [sPRF][05/02/2010] (.ZebTeam - Pas de description.) -- C:\Program Files\ZebProtect.exe [348160] ~ Scan Files in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8786 - (20/09/2011) Clés trouvées (Keys found) : 23 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 3 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.AskSBar [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.AskSBar [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.AskSBar [HKLM\Software\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}] =>Toolbar.Agent [HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.AskSBar [HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.AskSBar [HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.AskSBar [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar [HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar [HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar [HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar [HKCU\Software\APN] =>Toolbar.Agent [HKLM\Software\APN] =>Toolbar.Agent [HKCU\Software\Ask.com] =>Toolbar.AskBar [HKCU\Software\Ask.com] =>Toolbar.AskBarDis [HKCU\Software\AskToolbar] =>Toolbar.AskTBar [HKLM\Software\AskToolbar] =>Toolbar.AskTBar [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Software\AskToolbar] =>Toolbar.AskTBar [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar C:\Documents and Settings\Taranis\Local Settings\Application Data\AskToolbar =>Toolbar.AskTBar C:\Documents and Settings\Taranis\Application Data\Mozilla\Firefox\Profiles\8yv5jtro.default\Conduit =>Toolbar.Conduit ~ Scan Additionnel in 00mn 04s ---\\ Recherche détournement de DNS routeur (O89) Serveur : neufbox Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.148.106, 209.85.148.103, 209.85.148.99, 209.85.148.147 209.85.148.105, 209.85.148.104 Aliases: www.google.fr, www.google.com ~ Scan DNS in 00mn 02s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 01/11/2011 86224 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 01/11/2011 110032 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 01/11/2011 463824 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe SR - | Auto 01/11/2011 643072 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SR - | Auto 01/11/2011 212232 | (BCUService) . (.DeviceVM, Inc..) - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe SS - | Demand 01/11/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Demand 01/11/2011 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 01/11/2011 161664 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe SS - | Demand 01/11/2011 295192 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe SR - | Auto 01/11/2011 53248 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\WINDOWS\system32\IoctlSvc.exe SS - | Demand 01/11/2011 65795 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe SS - | Demand 01/11/2011 633856 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 01/11/2011 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe ~ Scan Services in 00mn 03s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Taranis at 01/11/2011 13:02:55 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A5C4AB8] 3 CLASSPNP[0xBA108FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000068[0x8A5C7E98] 5 ACPI[0xB9F7E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8A5C6940] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 05s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Taranis at 01/11/2011 13:02:58 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 07s End of the scan (1417 lines in 01mn 31s)(0)

Bonsoir à tous, Merci "bleuet" et merci "Le Novice °¿° de votre aide. Finalement après un passage sur le forum sécurité la machine à retrouver ses air de jeunesse même un peu plus en désactivant les trucs inutiles. Malgré tout, le passage par ici m' a permis de désactiver les services qui tournaient pour rien. Je ne serais jamais allé dans "services.msc" de moi même. Un peu les jetons quand même de tripatouiller la dedans. Pour ceux qui liraient ce sujet, penser à sauvegarder avant de toucher à quoi que ce soit. cela parait tellement évident mais pris dans l 'élan on peut oublier. Encore merci à tous. Au revoir